VPN

NOTE: Only the AP having firmware version 2.0.2.34 and greater will work in this functionality

<%= form_for @vpn , as: :vpn, url: create_update_vpn_inventory_index_path ,method: "post" , html: { class: "form-horizontal vpn-config-form" , role: "form"} do |f|%>

<%=label_tag '', "Connection Name",:class => 'col-md-4 control-label'%>

<%= f.text_field 'name',:class=>"form-control", :placeholder=>"", 'data-validation'=> "required"%>

Enable

<%= f.check_box :is_enabled,{ class: "enable_vpn bs-switch"}%>

<%= select_tag 'vpn[associated_resources][]' ,options_for_select(@mac.map{|r| [r[0],r[1],{'data-version' => r[2],'data-mac' => r[3]} ] }, { :selected => @vpn.associated_resources}), {:class => 'form-control associated-resource', :multiple => true, 'data-validation'=> "required ap-version-check" }%>

VPN

<%= f.select :protocol,['IPsec','Wireguard'],{}, {:class=>"form-control", :id => 'vpn_dropdown'}%>

Tunnel Connection

<%= f.select :tunnel_connection, options_for_select([['Always','0'],['Captive Portal Authentication','1']],@vpn.tunnel_connection),{},{:class=>"form-control", :data => {validation: 'required'}}%>

Type

<%= f.radio_button :wireguard, "server", :class=>""%> Server

<%= f.radio_button :wireguard, "client", :class=>"" %> Client

<%= f.radio_button :wireguard, "site_to_site", :class=>"" %> Site to Site

<%= render :partial=>"wireguard_server", locals: {f: f} %> <%= render :partial=>"wireguard_client", locals: { f: f } %> <%= render :partial=>"wireguard_site", locals: { f: f } %>

<%=label_tag '', "Local Network Subnet",:class => 'col-md-4'%>

<%= f.text_field :l_subnet,:class=>"form-control l_subnet", :placeholder=>"ex: 192.168.100.0/24,172.16.0.1/24", 'data-validation'=> "required", 'data-id' => @vpn.l_subnet%>

Enable Server-Client

<%= f.check_box :enable_server_client,{ class: " bs-switch"}, true, false%> Note: By default it will be site to site

Choose Server / Client

<%= f.radio_button :is_server, true, :class=>"", :checked => @vpn.is_server%> Server <%= f.radio_button :is_server, false, :class=>"", :checked => !@vpn.is_server%> Client

<%=label_tag '', "Remote Peer IP",:class => 'col-md-4 control-label rm_ip'%>

<% hsh = {:class=>"form-control remote-ip-vpn", :placeholder=>"", :disabled => 'disabled'} hsh.delete(:disabled) unless @vpn.enable_server_client && @vpn.is_server %> <%= f.text_field 'remote_ip', hsh %>

<%=label_tag '', "PassThrough",:class => 'col-md-4 control-label rm_ip'%>

<% hsh = {:class=>"form-control remote-ip-vpn", :placeholder=>"eg: 10.10.10.1/24,192.168.4.1", :disabled => 'disabled'} hsh.delete(:disabled) unless @vpn.enable_server_client && @vpn.is_server%> <%= f.text_field 'pass_through', hsh %>

Enable Gateway

<%= f.check_box :enable_gateway,{ class: "bs-switch"}, true, false%>

Gateway IP

<% hsh = {:class=>"form-control remote-ip-vpn", :placeholder=>""} hsh.delete(:disabled) unless @vpn.enable_server_client && @vpn.is_server %> <%= f.text_field 'gateway_ip', hsh %>

Enable NAT on the VPN Gateway

<%= f.check_box :enable_nat,{ class: " bs-switch"}, true, false%>

<%= f.hidden_field :id%>

Remote Network

<%=label_tag '', "Remote Subnet",:class => 'col-md-4 rm_nw_sb'%>

<%= f.text_field :remote_nw_subnet,:class=>"form-control ip", :placeholder=>"ex: 192.168.100.0/24,172.16.0.1/24", 'data-validation'=> "required" %>

Authentication

<%=label_tag '', "Method",:class => 'col-md-4'%>

<%= select_tag 'method',options_for_select([['PSK','psk']]),:class=>"form-control"%>

<%=label_tag '', "Pre-shared Key",:class => 'col-md-4'%>

<%= f.password_field :pre_shared_key,:class=>"form-control shared_key", 'data-validation'=> "required",:value => f.object.pre_shared_key, autocomplete: "new-password" %> show

<%=label_tag '', "IKE Version",:class => 'col-md-4'%> <%= radio_button_tag 'key','2',:class=>"form-control", :placeholder=>""%> 2

Phase 1 Selector(IKE)

<%= f.hidden_field :ike%>

<%=label_tag '', "Encryption",:class => 'col-md-4'%>

<%= select_tag 'encryption_type',options_for_select(VpnConfig::IKE_ENCRYPTION.map{|e| [e.upcase,e]},@vpn_p1.blank? ? '' : @vpn_p1[0]),:class=>"form-control p1_encrpt", :placeholder=>""%>

<%=label_tag '', "Authentication",:class => 'col-md-2'%>

<%= select_tag 'auth_type',options_for_select(VpnConfig::IKE_HASH.map{|e| [e.upcase,e]},@vpn_p1.blank? ? '' : @vpn_p1[1]),:class=>"form-control p1_auth", :placeholder=>""%>

<%=label_tag '', "Diffie-Hellman Group",:class => 'col-md-4'%>

<%= select_tag 'df_hellman',options_for_select(VpnConfig::DIFFIE_HELLMAN.map{|e| [e.upcase,e]},@vpn_p1.blank? ? '' : @vpn_p1[2]),:class=>"form-control p1_hellman", :placeholder=>""%>

<%=label_tag '', "Key Lifetime (M)",:class => 'col-md-4'%>

<%= f.number_field 'ike_time',:class=>"form-control", :placeholder=>"", min: 1,'data-validation'=> "required phone-only-integer"%>

Phase 2 Selectors(ESP)

<%= f.hidden_field :esp%>

<%=label_tag '', "Encryption",:class => 'col-md-4'%>

<%= select_tag 'encryption_type',options_for_select(VpnConfig::IKE_ENCRYPTION.map{|e| [e.upcase,e]},@vpn_p2.blank? ? '' : @vpn_p2[0]),:class=>"form-control p2_encrpt", :placeholder=>""%>

<%=label_tag '', "Authentication",:class => 'col-md-2'%>

<%= select_tag 'auth_type',options_for_select(VpnConfig::IKE_HASH.map{|e| [e.upcase,e]},@vpn_p1.blank? ? '' : @vpn_p2[1]),:class=>"form-control p2_auth", :placeholder=>""%>

<%=f.submit (@vpn.try(:id).blank? ? "Create VPN" : "Update VPN"),:class=>"btn btn-success"%> <%= link_to "Cancel", vpn_config_inventory_index_path, :class => "btn btn-primary" %>

<% end %>