Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Definitions of terms we use in IPsec RA VPN topics

IKE authentication; IKE exchange
Refers to the Phase1 IKEv2 negotiation as seen in the output of the show vpn ike sa command or IKE_SA in the logs.
Child SA
Refers to the Phase2 IKEv2 negotiation as seen in the output of the show vpn ipsec sa command or CHILD_SA in the logs.
1 tunnel
Refers to one 'IKE' security association pair (2) of 'IPsec' (SAs) with two or more security policies (SPs, at least one forward, at least one reverse). So, an established tunnel would refer to a client with two SAs and two or more SPs, and a server with two SAs and two or more SPs