Puppet Class: ferm::ipsec_allow

Defined in:

modules/ferm/manifests/ipsec_allow.pp

Overview

Class ferm::ipsec_allow

Installs the rules needed to allow the all IPsec traffic

# File 'modules/ferm/manifests/ipsec_allow.pp', line 5

class ferm::ipsec_allow {
    #firewall allow ipsec esp
    ferm::rule { 'ferm-ipsec-esp':
        rule   => 'proto esp { saddr $DOMAIN_NETWORKS ACCEPT; }',
    }

    #firewall allow ipsec ike udp 500
    ferm::service { 'ferm-ipsec-ike':
        proto  => 'udp',
        port   => '500',
        srange => '$DOMAIN_NETWORKS',
    }

}