Configure the Corporation-A router for policy-based IPsec on VFP
An example of how to configure Corporation-A router for policy-based IPsec on VFP.
- Specify that this VPN will use policy rule
10
, which has been defined for traffic heading to Corporation-B.vyatta@CORPA# set policy route policy-based toCorpB rule 10 action accept
- Specify that the policy applies to traffic originating from the Corporation-A client.
vyatta@CORPA# set policy route policy-based toCorpB rule 10 source address 10.0.2.0/24
- Specify that the policy applies to traffic going to the Corporation-B server.
vyatta@CORPA# set policy route policy-based toCorpB rule 10 destination address 10.0.1.0/24
- Specify that this policy is defined in
table 50
.vyatta@CORPA# set policy route policy-based toCorpB rule 10 table 50
- Specifies that the default route of this table is to through the VFP interface.
vyatta@CORPA# set protocols static table 50 interface-route 0.0.0.0/0 next-hop-interface vfp1
- Specify the interface to use to forward traffic that matches this policy.
vyatta@CORPA# set interfaces dataplane dp2p2p2 policy route policy-based toCorpB