Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Configure an ESP group on the Corporation-B router

An example of how to configure an ESP group on the Corporation-B router.

These steps configure the ESP group esp1 on the Corporation-B router.
  1. Set the lifetime for the whole ESP group to match the setting being used by the Corporation-A router.
    vyatta@CORPB# set security vpn ipsec esp-group esp1 lifetime 600
  2. Set the ESP group encryption cipher to match the settings being used by the Corporation-A router.
    vyatta@CORPB# set security vpn ipsec esp-group esp1 proposal 1 encryption aes256
  3. Set the authentication mode to match the authentication mode set on the Corporation-A router and specify the IP address of the Corporation-A router.
    vyatta@CORPB# set security vpn ipsec site-to-site peer 128.0.0.11 authentication mode pre-shared-secret
  4. Set the pre-shared secret to match the secret set on the Corporation-A router and specify the IP address of the Corporation-A router.
    vyatta@CORPB# set security vpn ipsec site-to-site peer 128.0.0.11 authentication pre-shared-secret HelloDolly
  5. Specify the default ESP group for all tunnels to match the one specified on the Corporation-A router and specify the IP address of the Corporation-A router.
    vyatta@CORPB# set security vpn ipsec site-to-site peer 128.0.0.11 default-esp-group esp1