summaryrefslogtreecommitdiffstats
path: root/usr/local/www/vpn_ipsec_phase2.php
Commit message (Collapse)AuthorAgeFilesLines
* Ticket #2455: do not check encryption algo for AH protocolPierre POMES2012-05-261-12/+17
|
* restore default dropdown values of 24/64 bitsDarren Embry2012-04-051-0/+38
| | | | | now that feature #2320 behavor is a bit different regarding change of existing set value when switching between ipv4 and ipv6
* add feature #2320 to vpn_ipsec_phase2.php.Darren Embry2012-04-051-32/+7
| | | | | | | note: had to disable existing behavior that modified the value of the behavior. existing behavior that disables/enables the dropdowns is still active.
* Reject an interface without a subnet as a network source in the IPsec Phase ↵jim-p2012-02-141-0/+10
| | | | 2 GUI. Fixes ticket #2201
* Merge remote branch 'upstream/master'jim-p2011-06-031-49/+38
|\ | | | | | | | | Conflicts: etc/inc/openvpn.inc
| * Bug #1560.IPsec GUI needs to reject duplicate subnets in phase 2s for a ↵Evgeny Yurchenko2011-06-021-7/+21
| | | | | | | | given phase 1 (fixing p2 edit)
| * Bug #1560.IPsec GUI needs to reject duplicate subnets in phase 2s for a ↵Evgeny Yurchenko2011-06-011-49/+24
| | | | | | | | given phase 1 (improvement of previous patch)
* | Merge remote branch 'upstream/master'jim-p2011-06-011-2/+68
|\ \ | |/ | | | | | | | | | | | | | | | | Conflicts: conf.default/config.xml etc/inc/filter.inc etc/inc/globals.inc etc/inc/pfsense-utils.inc etc/inc/upgrade_config.inc usr/local/www/interfaces.php
| * Bug #1560. IPsec GUI needs to reject duplicate subnets in phase 2s for a ↵Evgeny Yurchenko2011-05-311-2/+41
| | | | | | | | given phase 1(site-to-site).
| * Bug #1560. IPsec GUI needs to reject duplicate subnets in phase 2s for a ↵Evgeny Yurchenko2011-05-311-1/+28
| | | | | | | | given phase 1(mobile clients).
* | enlarge various address fields for IPv6 addressesSeth Mos2011-03-171-3/+3
| |
* | Add the ability to differentiate between v4 and v6 tunnels. Bill says he can ↵Seth Mos2011-03-111-9/+21
|/ | | | test
* Make sure to resolve the gateway name before passing it off to the IPsec ↵smos2011-02-241-1/+2
| | | | reload function
* Add other interfaces to local network selection and show proper names. Fixes ↵Erik Fonnesbeck2010-11-221-1/+6
| | | | #965
* Fix XSS issuesScott Ullrich2010-11-121-10/+10
|
* Do not include 'remoteid' javascript functions for mobile ipsec. Ticket #797pierrepomes2010-10-171-9/+7
|
* Corrections gettext() calls on vpn_ipsec_phase2.phpRafael Lucas2010-07-301-1/+1
|
* Implement gettext() calls on vpn_ipsec_phase2.phpCarlos Eduardo Ramos2010-07-271-52/+52
|
* Remove Logs tab from OpenVPN, as it is no longer needed.jim-p2010-06-011-1/+0
|
* Add status/log icons to IPsec pages.jim-p2010-06-011-0/+3
|
* Add PSK tab to all IPsec pages, it was missing from some.jim-p2010-05-131-1/+2
|
* Ticket #430. Give a none option to allow for roadwarriors configs.Ermal Luçi2010-03-161-0/+5
|
* When editing a P2: reset netmask to 24 only when it is not specified, in ↵pierrepomes2010-02-231-2/+2
| | | | case of a new P2. Ticket #352
* Ticket #352. Allow 0 mask in remote network bits.Ermal Luçi2010-02-121-7/+8
|
* fix textChris Buechler2010-02-111-2/+2
|
* Rework includes/require. This saves about 4 megabytes.Scott Ullrich2009-11-211-0/+2
| | | | Simplify get_memory(). Tested on mips/i386
* add links to IPsec logs under IPsec status and other pagesChris Buechler2009-11-071-0/+1
|
* Include functions.inc which will then include ipsec.incScott Ullrich2009-08-231-1/+1
|
* Fix interface list usageErmal Luçi2009-07-071-3/+0
| | | | WARN: Please ask before introducing old code on what have changed!
* * Reorganize the 'apply' button infrustructure in the GUI.Ermal Luçi2009-06-301-1/+1
| | | | | | - Present three new functions is/mark/clear_subsystem_dirty('name_of_subsystem'). This makes easier to create such things without needing to introduce new globals. - Convert all pages to the new infrustructure - This improves a lot the control on this notification
* Modify IPsec code to allow for transport mode. All existing configurations aremgrooms2009-03-151-26/+59
| | | | | marked as tunnel for backwards compatibility. There are problems with the spd read code which Will likely choke on transport entries. We can fix this later.
* Move the IPsec pinghost option from phase1 to phase2. Correct somemgrooms2009-03-151-2/+26
| | | | bugs that were preventing the local address from being selected.
* Reload phase2 tunnel items when adding, remoing or editing a phase 2 entry.Seth Mos2009-03-121-0/+9
|
* Migrate IPsec certificate management to centralized system.mgrooms2009-03-121-1/+0
|
* Cleanup ipsec interfaces a bit and make sure they are displayed in tabs for ↵mgrooms2009-03-121-214/+256
| | | | consistency.
* Rewrite the pfsense privilege system with the following goals in mind ...Matthew Grooms2008-08-011-0/+8
| | | | | | | | 1) Redefine page privileges to not use static urls 2) Accurate generation of privilege definitions from source 3) Merging the user and group privileges into a single set 4) Allow any privilege to be added to users or groups w/ inheritance 5) Cleaning up the related WebUI pages
* Fix a few bugs in the IPsec pages HTML output that were causing problemsMatthew Grooms2008-07-141-1/+1
| | | | with IE.
* Introduce a new and improved version of IPsec mobile client support. TheMatthew Grooms2008-07-131-24/+83
| | | | | | | mobile client tab is now used to configure user authentication (Xauth) and client configuration (mode-cfg) options. User authentication is currently limited to system password file entries. This will be extended to support external RADIUS and LDAP account DBs in a follow up comiit.
* Overhaul IPsec related code. Shared functions have been consolidated intoMatthew Grooms2008-07-111-0/+489
a new file named /etc/ipsec.inc. Tunnel definitions have been split into phase1 and phase2. This allows any number of phase2 definitions to be created for a single phase1 definition. Several facets of configuration have also been improved. The key size for variable length algorithms can now be selected and the phase1 ID options have been extended to allow for more flexible configuration. Several NAT-T related issues have also been resolved. Please note, IPsec remote access functionality has been temporarily disabled. An improved implementation will be included in a follow up commit.
OpenPOWER on IntegriCloud