Will investigate!
- Queries
- All Stories
- Search
- Advanced Search
- Transactions
- Transaction Logs
All Stories
Jun 28 2024
The correct pass options without "
set interfaces openvpn vtun20 encryption ncp-ciphers 'aes256' set interfaces openvpn vtun20 hash 'sha512' set interfaces openvpn vtun20 mode 'server' set interfaces openvpn vtun20 openvpn-option 'push keepalive 1 10' set interfaces openvpn vtun20 server subnet '10.10.2.0/24' set interfaces openvpn vtun20 server topology 'subnet' set interfaces openvpn vtun20 tls ca-certificate 'ca' set interfaces openvpn vtun20 tls certificate 'cert' set interfaces openvpn vtun20 tls dh-params 'dh'
This could be achieved with conntrack ignore
set system conntrack ignore ipv4 rule 10 destination address '100.64.0.0/28'
vyos-vm-images has been archived
Provide the set of commands to reproduce
Still bug, the original config in the top of the task
vyos@r4# run show conf com | match "nat " set nat source rule 100 destination port '5000-8000' set nat source rule 100 outbound-interface name 'eth0' set nat source rule 100 protocol 'tcp' set nat source rule 100 source address '10.0.0.0/24' set nat source rule 100 translation address 'masquerade' [edit] vyos@r4# [edit] vyos@r4# run show nat source rules Rule Source Destination Proto Out-Int Translation ------ ----------- ----------------------------- ------- --------- ------------- 100 10.0.0.0/24 0.0.0.0/0 IP eth0 masquerade sport any dport {'range': [5000, 8000]} [edit] vyos@r4# [edit] vyos@r4# [edit] vyos@r4# run show ver Version: VyOS 1.5-rolling-202406260020 Release train: current Release flavor: generic
We have ENV OCAML_VERSION 4.14.2 for both, @dmbaturin. Can we close it, or will you do an update to 5.0?
Not actual
vyos@r4:~$ show version all | match conntrack ii conntrack 1:1.4.7-1+b2 amd64 Program to modify the conntrack tables ii conntrackd 1:1.4.7-1+b2 amd64 Connection tracking daemon ii libnetfilter-conntrack3:amd64 1.0.9-1 amd64 Netfilter netlink-conntrack library vyos@r4:~$ vyos@r4:~$ show version Version: VyOS 1.5-rolling-202406260020 Release train: current Release flavor: generic
Try native nft commands for offload and check what it says.
# cat /tmp/offload.nft
Jun 27 2024
confirm that it works as well , spoke to spoke connection adding authentication. :
No, in this case there is no firewall configured.
Code is only used in vyos-1x
Do you have a firewall?
If not, it is expected error
Which exectly config it generates?
Based on this code should work https://github.com/vyos/vyos-1x/blob/b3b1d59d86af510c454da446f013b514389f5c7f/src/conf_mode/interfaces_openvpn.py#L683