security vpn ipsec site-to-site peer <peer> authentication x509 cert-file <file-name>

Specifies the name of the VPN server's certificate file for IPsec authentication of the VPN peer.

set security vpn ipsec site-to-site peer peer authentication x509 cert-file file-name

delete security vpn ipsec site-to-site peer peer authentication x509 cert-file

show security vpn ipsec site-to-site peer peer authentication x509 cert-file

peer: Mandatory. The address of the far-end VPN gateway. The format is an IPv4 address, an IPv6 address, a hostname (IPv4 networks only), an authentication ID, or 0.0.0.0.
file-name: The name of the VPN server's certificate file. This parameter is mandatory if authentication mode is x509.

Configuration mode

security {
        vpn {
            ipsec {
            site-to-site {
                peer peer {
                    authentication {
                        x509 {
                            cert-file file-name
                        }
                    }
                }
            }
        }
    }
}

Use this command to specify the name to the VPN server's certificate file. The VPN server's certificate certifies the identity of the VPN server.

Certificate and key files are assumed to be in /config/auth unless an absolute path is specified.

Use the set form of this command to specify the name of the VPN server's certificate file.

Use the delete form of this command to remove the name of the VPN server's certificate file.

Use the show form of this command to display VPN server certificate file configuration.

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

security vpn ipsec site-to-site peer <peer> authentication x509 cert-file <file-name>

Helpful Links

Key Resources