Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Supported VPN deployments

The following table shows the VPN deployment options that are supported by the Vyatta router.

Table 1. Site-to-site solutions
Solution Type Ease of Configurability Requires Public Key Infrastructure Configurable/Routable Interface Bridgeable Interoperability with Third-Party Solutions Comments
IPsec (pre-shared keys) Moderate No No No Very common
IPsec (RSA digital signatures) Moderate No No No Very common
Elaborate Very good No No No Common Provides a very secure but more involved configuration.

VTI

Similar to underlying IPsec No Yes No Common Adds an interface that can be configured, routed, or both to an IPsec solution and operates with a variety of third-party equipment.
GRE over IPsec Similar to underlying IPsec No Yes Yes Common Adds an interface that can be configured, routed, or both to an IPsec solution and operates with a variety of third-party equipment.
DMVPN Adds some complexity to underlying IPsec No Yes No Common Provides the ability to easily scale a hub-and-spoke multipoint GRE over IPsec solution. This solution limits the number of subnets required, reduces the configuration complexity at the hub, and reduces traffic at the hub by providing dynamic spoke-to-spoke tunnels.
OpenVPN (pre-shared secret) Easy No Yes Yes Uncommon Provides a highly flexible and resilient VPN protocol, which is recommended for Vyatta router to Vyatta router VPN connectivity.
OpenVPN (TLS) Elaborate Yes Yes Yes Uncommon
Table 2. Remote access solutions
Solution Type Ease of Configurability Requires Public Key Infrastructure Configurable/Routable Interface Bridgeable Interoperability with Third-Party Solutions Comments
RA (L2TP / IPsec – pre-shared keys) Easy No N/A No Very common Provides an easy way to configure Windows clients to connect remotely.
RA (L2TP / IPsec – X.509 certificates) Elaborate Yes N/A No Common Provides a more involved way to configure Windows clients to connect remotely.
OpenVPN (TLS) Elaborate Yes N/A No Uncommon Provides a more involved way to configure Windows clients to connect remotely.