Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

security vpn ipsec site-to-site peer <peer> tunnel <tunnel> protocol <protocol>

Specifies the protocol to match for traffic to enter the tunnel.

set security vpn ipsec site-to-site peer peer tunnel tunnel protocol protocol
delete security vpn ipsec site-to-site peer peer tunnel tunnel protocol
show security vpn ipsec site-to-site peer peer tunnel tunnel protocol

The default is all.

peer
Mandatory. The address of the far-end VPN gateway. The format is an IPv4 address, an IPv6 address, a hostname (IPv4 networks only), an authentication ID, or 0.0.0.0.
tunnel
Mandatory. Multi-node. An integer that uniquely identifies this tunnel configuration for this peer VPN gateway. Each tunnel corresponds to a distinct connection configuration. The numbers range from 0 through 4294967295.

A given VPN peer may have more than one tunnel configuration, but each peer must have at least one. To define more than one tunnel configuration for a peer, create multiple tunnel configuration nodes within the peer configuration.

protocol
Any protocol literals or numbers listed in the file /etc/protocols can be used. The keywords tcp_udp (for both TCP and UDP) and all (for all protocols) are also supported.

Configuration mode

security {
        vpn {
            ipsec {
                site-to-site {
                    peer peer {
                        tunnel tunnel {
                            protocol protocol
                    }
                }
            }
        }
    }
}

Use this command to specify the protocol to match for traffic to enter the tunnel.

Use the set form of this command to specify the protocol.

Use the delete form of this command to remove protocol configuration.

Use the show form of this command to view protocol configuration.