Configure an IKE group on the Corporation-A router

An example of how to configure an IKE group on the Corporation-A router.

These steps configure the IKE group ike1. The same IKE group and the same parameters must be used by both the Corporation-A router and the Corporation-B router for this IPsec site-to-site VPN connection.

Set the lifetime for the whole IKE group.

vyatta@CORPA# set security vpn ipsec ike-group ike1 lifetime 3000

Set the IKE group encryption cipher for proposal 1.

vyatta@CORPA# set security vpn ipsec ike-group ike1 proposal 1 encryption aes256

Specify that this IKE group applies to the connection from this router to Corporation-B router.
```
vyatta@CORPA# set security vpn ipsec site-to-site peer 128.0.0.13 ike-group ike1
```

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Configure an IKE group on the Corporation-A router

Helpful Links

Key Resources