Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Configure strongSwan (Debian/Ubuntu client)

An example of how to configure strongSwan after you have installed it (along with its related packages).

  1. Edit the text file at /etc/swanctl/conf.d/devcloud1.conf: Copy and paste this configuration into the file.
    connections {
       devcloud {
         version = 2 # IKEv2
         dpd_delay = 60s # DPD check if IPsec traffic is idle for 60s
         remote_addrs = 10.10.2.3 # server addresses
         vips = 0.0.0.0 # request IPv4-only Virtual IP
         proposals = aes128gcm128-sha2_256-ecp256
    
         local-1 {
           auth = pubkey
           certs = /etc/swanctl/pubkey/devcloud1.vpn.am.crt
         }
         remote-1 {
           auth = pubkey
           revocation = strict
         }
         children {
           tunnel-1 {
             start_action = start
             close_action = trap
             remote_ts = 0.0.0.0/0 # will be negotiated down by the server
             dpd_action = restart
             esp_proposals = aes128gcm128-ecp256
          }
        }
       }
    }
  2. Save your changes to the file.