Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Securing the mGRE tunnel with IPsec on SPOKE1

To secure the mGRE tunnel with IPsec, perform the following steps on SPOKE1 in configuration mode.

Table 1. Securing the mGRE tunnel with IPsec

Step

Command

Create the profile node.

vyatta@SPOKE1# set security vpn ipsec profile DMVPN

Set the authentication mode.

vyatta@SPOKE1# set security vpn ipsec profile DMVPN authentication mode pre-shared-secret

Define the preshared secret key. It must match that set on remote systems.

vyatta@SPOKE1# set security vpn ipsec profile DMVPN authentication pre-shared-secret NET123

Bind the IPsec configuration to the tunnel.

vyatta@SPOKE1# set security vpn ipsec profile DMVPN bind tunnel tun0

Specify the ESP configuration to use.

vyatta@SPOKE1# set security vpn ipsec profile DMVPN esp-group ESP-1S

Specify the IKE configuration to use.

vyatta@SPOKE1# set security vpn ipsec profile DMVPN ike-group IKE-1S

Commit the configuration.

vyatta@SPOKE1# commit

View the configuration for the profile.

vyatta@SPOKE1# show vpn ipsec profile DMVPN

 authentication {
	mode pre-shared-secret
	pre-shared-secret NET123
 }
 bind {
	tunnel tun0
 }
 esp-group ESP-1S
 ike-group IKE-1S