Archives/opensense-docs
2
0
Fork 0
mirror of https://github.com/opnsense/docs synced 2024-10-30 21:20:20 +00:00
Code Issues Projects Releases Wiki Activity

VPN / OpenVPN - some typos in sslvpn_instance_s2s.rst

Browse Source
This commit is contained in:
Ad Schellevis 2023-11-04 15:33:05 +01:00
parent 73eb505f2c
commit bcb0368cc4
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
source/manual/how-tos/sslvpn_instance_s2s.rst
View File

@ -47,7 +47,7 @@ to peer both firewalls. We will create a tunnel network :code:`10.1.8.0/24` bet
fwa [shape = "cisco.firewall", address="10.0.8.1/24"]; fwa [shape = "cisco.firewall", address="10.0.8.1/24"];
} }
network Ext { network Ext {
address = "10.10.8.0/24"; address = "WAN net 10.10.8.0/24";
label = "Tunnel net 10.1.8.0/24"; label = "Tunnel net 10.1.8.0/24";
fwa [shape = "cisco.firewall", address="10.10.8.1/24"]; fwa [shape = "cisco.firewall", address="10.10.8.1/24"];
fwb [shape = "cisco.firewall", address="10.10.8.2/24"]; fwb [shape = "cisco.firewall", address="10.10.8.2/24"];
@ -89,7 +89,7 @@ We have chosen to setup the server on "Site B", so we start with Trust configura
* Choose the just created authority in `Certificate authority` * Choose the just created authority in `Certificate authority`
* Add descriptive information for this CA (`Descriptive name`, whereabouts are copied from the CA) * Add descriptive information for this CA (`Descriptive name`, whereabouts are copied from the CA)
* Set Type to `Server` * Set Type to `Server`
* Choose cryptographic settings, lifetime determines the validaty of the server certificate (you do need to track this yourself), it's allow to choose a longer period here * Choose cryptographic settings, lifetime determines the validaty of the server certificate (you do need to track this yourself), it's allowed to choose a longer period here
* Set the `Common Name` to the fqdn of this machine. * Set the `Common Name` to the fqdn of this machine.
* As the client (Site A) will also need a **Certificate**, we need to create a certificate, also using :menuselection:`System --> Trust --> Certificates` * As the client (Site A) will also need a **Certificate**, we need to create a certificate, also using :menuselection:`System --> Trust --> Certificates`
@ -119,7 +119,7 @@ select `auth` as mode and click the gear button to generate one. Provide a descr
Prepare Site A Prepare Site A
.......................................... ..........................................
* Copy the public part of the certificate authority to the firewall at Site a (use the download button and copy the contents into a new CA on this host) * Copy the public part of the certificate authority to the firewall at Site A (use the download button and copy the contents into a new CA on this host)
* Copy the public and private part of the client certificate into a new one on Site A * Copy the public and private part of the client certificate into a new one on Site A
* Copy the contents of the static key to a new entry and select the same type * Copy the contents of the static key to a new entry and select the same type