Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Configure EAST

The following example configuration is for the EAST system.

Table 1. Basic site-to-site IPsec VPN connection over IPv6 - EAST
Step Command

View the data plane interface configuration on EAST.

vyatta@EAST# show interfaces dataplane

 dataplane dp0p1p2 {
    address 2001:db8:10::2/64
    duplex auto
    hw-id 00:15:5d:00:d5:35
    speed auto
 }
 dataplane dp0p1p3 {
    address 2001:db8:2::2/64
    duplex auto
    hw-id 00:15:5d:00:d5:36
    speed auto }
 }
[edit]

View the IPv6 IPsec configuration on EAST.

vyatta@EAST# show security vpn

 vpn {
    ipsec {
        esp-group ESP-1E {
            lifetime 3600
            mode tunnel
            pfs enable
            proposal 1 {
                encryption aes128
                hash sha1
            }
        }
        ike-group IKE-1E {
            lifetime 28800
            proposal 1 {
                encryption aes128
                hash sha1
            }
        }
logging {
            log-modes all
        }
        nat-traversal disable
        site-to-site {
            peer 2001:db8:10::1 {
                authentication {
                    mode pre-shared-secret
                    pre-shared-secret test123
                }
                connection-type initiate
                default-esp-group ESP-1E
                ike-group IKE-1E
                local-address 2001:db8:10::2
                tunnel 1 {
                    allow-nat-networks disable
                    allow-public-networks disable
                    local {
                        prefix 2001:db8:2::/64
                    }
                    remote {
                        prefix 2001:db8:1::/64
                    }
                }
            }
        }
    }
 }
[edit]