Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Configure an ESP group on the Corporation-A router

An example of how to configure an ESP group on the Corporation-A router.

These steps configure ESP group esp1. The same ESP group and the same parameters must be used by both the Corporation-A router and the Corporation-B router for this IPsec site-to-site VPN connection.
  1. Set the lifetime for the whole ESP group.
    vyatta@CORPA# set security vpn ipsec esp-group esp1 lifetime 600
  2. Set the authentication mode.
    vyatta@CORPA# set security vpn ipsec site-to-site peer 128.0.0.13 authentication mode pre-shared-secret
  3. Set the pre-shared secret.
    vyatta@CORPA#set security vpn ipsec site-to-site peer 128.0.0.13 authentication pre-shared-secret HelloDolly
  4. Specify the default ESP group for all tunnels.
    vyatta@CORPA#set security vpn ipsec site-to-site peer 128.0.0.13 default-esp-group esp1