Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

VPN: IPsec: Connections: Pools add IP4_DNS and IP6_DNS Configuration Payloads #6864

Merged
merged 5 commits into from
Sep 20, 2023
Merged

VPN: IPsec: Connections: Pools add IP4_DNS and IP6_DNS Configuration Payloads #6864

merged 5 commits into from
Sep 20, 2023

Conversation

Monviech
Copy link
Member

@Monviech Monviech commented Sep 19, 2023
edited
Loading

#6860

Small explanation what I did:

  • I assessed that I needed to tokenize the input and to turn it into an array and to check if the input is an ipv4 or ipv6 address. I didn't know how to do it though, so I searched for clues how the Connections Local addresses did it, because I needed the same behavior.
  • I found the IKEAdressField.php which almost did what I needed, and copied it to PoolsDNSField.php and changed it a little so it only accepts IP Addresses.
  • Then I added a new field pools.dns to dialogPool.xml to accept the new DNS inputs in the WEB GUI.
  • Last I added <dns type=".\PoolsDNSField"/> to the <Pools> definition of Swanctl.xml

At that point it just worked as expected, I can add multiple IPv4 and IPv6 addresses into each individual pool and they get saved as array in the swanctl.conf. On connection, they're pushed to the client as IKE configuration payload.

Screenshots:
grafik

grafik

@Monviech
Copy link
Member Author

@AdSchellevis This works, I'm not sure why though and if it was the right way to do it. :)

@AdSchellevis AdSchellevis self-assigned this Sep 19, 2023
@Monviech
Delete PoolsDNSField.php
c1f816a 
It was unnecessary to create this Field since the existing NetworkField type works just fine.
@Monviech
Update Swanctl.xml - Added pools.dns NetworkField
4e4f39e
@Monviech Monviech marked this pull request as ready for review September 20, 2023 11:14
@AdSchellevis AdSchellevis added the feature Adding new functionality label Sep 20, 2023
@AdSchellevis AdSchellevis merged commit d3ea1f5 into opnsense:master Sep 20, 2023
@Monviech
Copy link
Member Author

@AdSchellevis
Great, I will update the new roadwarrior doc I wrote to incorporate this soon.

@Monviech Monviech deleted the swanctl-pools-dns branch September 20, 2023 12:35
fichtner pushed a commit that referenced this pull request Sep 27, 2023
@Monviech @fichtner
VPN: IPsec: Connections: Pools add IP4_DNS and IP6_DNS Configuration …
e92c509 
…Payloads (#6864)

(cherry picked from commit d3ea1f5)
(cherry picked from commit 11bbafe)
(cherry picked from commit b2b26a1)
AdSchellevis pushed a commit to opnsense/docs that referenced this pull request Oct 15, 2023
@Monviech
ipsec-swanctl-rw-ikev2-eap-mschapv2 (#501)
d16635c 
* created ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

* Update vpnet.rst

Changed the position of Legacy and New > 23.1
Added how-tos/ipsec-swanctl-rw-ikev2-eap-mschapv2 to doctree in New > 23.1

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

General structure of How-To added

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

Populated Prerequisites

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

Populated IPsec connection settings for roadwarriors

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

Fixed IP address formatting in pools

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

* ipsec-swst Version completedanctl-rw-ikev2-eap-mschapv2.rst - Fir

* Update vpnet.rst - Switched Positions for client config

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst - Version 1.0

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst

- Added DNS configuration payload information to pools and clients opnsense/core#6864
- Added hint that ncp client is not affiliated with Deciso B.V.

* Update ipsec-swanctl-rw-ikev2-eap-mschapv2.rst - Added Routing

hint for Windows RAS Client in Split Tunneling mode.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AdSchellevis AdSchellevis AdSchellevis left review comments

Assignees

@AdSchellevis AdSchellevis

Labels
feature Adding new functionality
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@Monviech @AdSchellevis