Currently digging through a bug with ocserv upstream maintainers, might get a 1.1.7 once we fix that or atleast a 1.1.6-4.
Aside from the weird Duo+RADIUS thing, the version noted in this issue currently runs great.
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Mar 1 2023
Feb 28 2023
My Xbox One game console is set to use "automatic" settings regarding both port selection and forwarding (via UPNP), and in doing so it chose port 54060 on my LAN (and has been distributed the IP address 172.23.217.102 from my DHCP server — which is not VyOS, by the way).
A few issues I'm encountering while trying to test it right now:
PR for 1.3 https://github.com/vyos/vyos-build/pull/316
For 1.4
vyos@r14# run show version all | match ocser ii ocserv 1.1.6-3 amd64 OpenConnect VPN server compatible with Cisco AnyConnect VPN [edit] vyos@r14#
@Nova_Logic Is this bug still active?
It still requires testing
who can test if this feature works as expected?
@zsdc Can we close it?
PR for 1.3 https://github.com/vyos/vyos-1x/pull/1859
Done in T4014
Feb 27 2023
In T4917#140304, @Viacheslav wrote:In T4917#140239, @b- wrote:Thanks! That’ll help me with what I’m working on :)From where does this limitation originate, anyway? Is there a way to at least add . to the acceptable characters list, so as to allow for foo.sh? Would that break something that expects to skip over filenames with dots and other characters?
Not sure exactly but it seems this part of code https://github.com/vyos/vyatta-cfg/blob/ec568ce7b432acda01f9639afb509287a0e3d760/src/commit/commit-algorithm.cpp#L846
PR using list_interfaces from vyos-utils:
Openconnect
[edit] vyos@r14# set vpn openconnect network-settings push-route 100.64.22.0/24 [edit] vyos@r14# commit [ vpn openconnect ] /usr/libexec/vyos/conf_mode/vpn_openconnect.py:32: DeprecationWarning: 'crypt' is deprecated and slated for removal in Python 3.13 from crypt import crypt, mksalt, METHOD_SHA512
As a temporary workaround, I use the script below. For some reason /etc/rc.local no longer runs automatically on VyOS 1.3.2, so I run it manually after each reboot for now. Until it is run, Phicomm routers keep disconnecting due to failed IPV6CP negotiation incorrectly triggering complete PPPoE session termination. I have two PPPoE servers at different locations for redundancy, both rebooting at the same time is very unlikely, so I can live with it for now.
thank you, yes updating to latest 1.4 rolling has resolved the issue, pls feel free to close this task as duplicate to https://vyos.dev/T4907
I'd be happy to test anything that implements this. Previously, I (judging from the forum, I'm not the only one) using this EdgeOS-BL-Mgmt with 1.3.x.
are you saying this has been fixed in just the last 2 months ? i reported this on 1.4-rolling-202212280917
There is missed the command tc qdisc add dev eth0 handle ffff: ingress
vyos@r14# tc qdisc show dev eth0 qdisc pfifo_fast 0: root refcnt 2 bands 3 priomap 1 2 2 2 1 2 0 0 1 1 1 1 1 1 1 1 [edit] vyos@r14# [edit] vyos@r14# tc filter add dev eth0 parent ffff: protocol all prio 10 u32 match u32 0 0 flowid 1:1 action mirred egress redirect dev ifb0 Error: Parent Qdisc doesn't exists. We have an error talking to the kernel [edit] vyos@r14#
Try the latest rolling release
Feb 26 2023
Feb 25 2023
PR https://github.com/vyos/vyos-1x/pull/1853
vyos@r14:~$ generate public-key-command user foo path https://github.com/xxxxx.keys # To add this key as an embedded key, run the following commands: configure set system login user foo authentication public-keys github@39e9c9ba-408d-4b4b-9aa6-d07f531285bf key xxxxx set system login user foo authentication public-keys github@39e9c9ba-408d-4b4b-9aa6-d07f531285bf type ssh-rsa set system login user foo authentication public-keys github@4732d9b0-4bc5-47d1-9028-0e68348a932f key xxxxx set system login user foo authentication public-keys github@4732d9b0-4bc5-47d1-9028-0e68348a932f type ssh-rsa set system login user foo authentication public-keys github@a93a85ba-5b63-4c3a-a589-2e82da7c8f1f key xxxxx set system login user foo authentication public-keys github@a93a85ba-5b63-4c3a-a589-2e82da7c8f1f type ssh-rsa commit save exit vyos@r14:~$
Yes, apparently so from GitHub.
Do those keys always without an "identifier"?
I mean foo@localhost
ssh-rsa AAA....
Hello - I upgraded to the latest rolling release (1.4-rolling-202302250317), and it appears to be working. I am able to login with a radius account successfully. Thank you for your efforts! I see in you PR's above, the second link is to change the shell from "bash" to "vbash". It appears once I login with a radius privileged account, the shell continues to default to "bash":
including information about Netopee2/sysrepo services, how to integrate it with FRR, where we can utilize the advantages netconf/yang :