Vyatta NOS documentation

Learn how to install, configure, and operate Vyatta Network Operating System (Vyatta NOS), which helps to drive our virtual networking and physical platforms portfolio.

Configure strongSwan (Fedora/RHEL/Centos client)

An example of how to configure strongSwan after you have installed it on the IPsec RA VPN client.

  1. Edit the text file at /etc/strongswan/swanctl/conf.d/devcloud1.conf: Copy and paste this configuration into the file.
    # Fedora28/RHEL8/Centos8
    connections {
      devcloud {
        version = 2 # IKEv2
        dpd_delay = 60s # DPD check if IPsec traffic is idle for 60s
        remote_addrs = 10.10.2.3 # RAVPN server addresses
        vips = 0.0.0.0 # request IPv4-only Virtual IP
        proposals = aes128gcm128-sha2_256-ecp256
    
    
    
        local-1 {
          auth = pubkey
          certs = /etc/strongswan/ipsec.d/certs/devcloud1.vpn.am.crt
        }
        remote-1 {
          auth = pubkey
          revocation = strict
        }
        children {
          tunnel-1 {
            start_action = start
            close_action = trap
            remote_ts = 0.0.0.0/0 # will be negotiated down by the server
            dpd_action = restart
            esp_proposals = aes128gcm128-ecp256
          }
        }
      }
    }
  2. Save your changes to the file.