Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Configure EAST

The following example configuration is for the EAST system.

Table 1. Basic site-to-site IPsec VPN connection over IPv6 - EAST
Step Command

View the data plane interface configuration on EAST.

vyatta@EAST# show interfaces dataplane

 dataplane dp0p1p2 {
    address 2001:db8:10::2/64
    duplex auto
    hw-id 00:15:5d:00:d5:35
    speed auto
 }
 dataplane dp0p1p3 {
    address 2001:db8:2::2/64
    duplex auto
    hw-id 00:15:5d:00:d5:36
    speed auto }
 }
[edit]

View the IPv6 IPsec configuration on EAST.

vyatta@EAST# show security vpn

 vpn {
    ipsec {
        esp-group ESP-1E {
            lifetime 3600
            mode tunnel
            pfs enable
            proposal 1 {
                encryption aes128
                hash sha1
            }
        }
        ike-group IKE-1E {
            lifetime 28800
            proposal 1 {
                encryption aes128
                hash sha1
            }
        }
logging {
            log-modes all
        }
        nat-traversal disable
        site-to-site {
            peer 2001:db8:10::1 {
                authentication {
                    mode pre-shared-secret
                    pre-shared-secret test123
                }
                connection-type initiate
                default-esp-group ESP-1E
                ike-group IKE-1E
                local-address 2001:db8:10::2
                tunnel 1 {
                    allow-nat-networks disable
                    allow-public-networks disable
                    local {
                        prefix 2001:db8:2::/64
                    }
                    remote {
                        prefix 2001:db8:1::/64
                    }
                }
            }
        }
    }
 }
[edit]