Supported platforms

Getting started Overview Architecture Supported platforms Release notes White papers

Getting started Overview Architecture Supported platforms Release notes White papers

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Supported platforms

Supported platforms On this page:

vRouter

Configuration (vRouter)

Security and VPN

IPsec Site-to-Site VPN

IPsec site-to-site VPN configuration

RSA digital signature authentication

Modify WEST's connection to EAST

VNF

UfiSpace S9500-30XS

Physical uCPEs

Modify WEST's connection to EAST

This task modifies the connection from WEST to EAST to use RSA digital signatures for authentication. In this example:

The authentication mode is changed from pre-shared secret to RSA digital signatures.
EAST's public key is specified as the remote key, under the identifier configured in Record EAST's public key on WEST.

To modify the site-to-site connection to use RSA configuration, perform the following steps:

Table 1. Configure WEST for RSA authentication
Step	Command
Remove the pre-shared key.	`vyatta@WEST# delete security vpn ipsec site-to-site peer 192.0.2.33 authentication pre-shared-secret`
Change the authentication mode.	`vyatta@WEST# set security vpn ipsec site-to-site peer 192.0.2.33 authentication mode rsa`
Provide the identifier for EAST's digital signature.	`vyatta@WEST# set security vpn ipsec site-to-site peer 192.0.2.33 authentication rsa-key-name EAST-key`
Commit the configuration.	`vyatta@WEST# commit`
View the modified configuration for the site-to-site connection.	`vyatta@WEST# show security vpn ipsec site-to-site peer 192.0.2.33 authentication { mode rsa rsa-key-name EAST-key } default-esp-group ESP-1W ike-group IKE-1W local-address 192.0.2.1 tunnel 1 { local { prefix 192.168.40.0/24 } remote { prefix 192.168.60.0/24 } }`
View data plane interface dp0p1p2 address configuration. local-address is set to this address.	`vyatta@WEST# show interfaces dataplane dp0p1p2 address address 192.0.2.1/27`

Last updated: December 22, 2021

Helpful Links

Key Resources

Get Started An introduction to the Ciena Vyatta NOS

The Vyatta NOS Overview Get to know more about how Vyatta NOS is the best solution

Vyatta NOS Architecture Overview An overview of the Vyatta NOS system architecture

Troubleshooting Guide Identify common issues with your configuration and network setup

Copyright © 2023 Ciena Corporation. All rights reserved