config.txt
All Users
Actions

Authored By

	246tnt
	Aug 30 2016, 3:10 PM

Size

2 KB

Referenced Files

None

Subscribers

None

config.txt
View Options

	interfaces {
	ethernet eth0 {
	address dhcp
	duplex auto
	smp-affinity auto
	speed auto
	}
	ethernet eth1 {
	vif 1000 {
	address 172.30.1.1/30
	}
	}
	loopback lo {
	}
	vti vti0 {
	address 172.30.1.5/30
	description "S2S Link"
	}
	}
	service {
	ssh {
	port 22
	}
	}
	system {
	config-management {
	commit-revisions 20
	}
	host-name vyos
	login {
	user vyos {
	authentication {
	encrypted-password ****************
	plaintext-password ****************
	public-keys tnt@whatever.lain {
	key ****************
	type ssh-rsa
	}
	}
	level admin
	}
	}
	ntp {
	server 0.pool.ntp.org {
	}
	server 1.pool.ntp.org {
	}
	server 2.pool.ntp.org {
	}
	}
	syslog {
	global {
	facility all {
	level notice
	}
	facility protocols {
	level debug
	}
	}
	}
	time-zone UTC
	}
	vpn {
	ipsec {
	esp-group esp-s2s {
	compression disable
	lifetime 3600
	mode tunnel
	pfs dh-group20
	proposal 1 {
	encryption aes128gcm128
	hash sha256
	}
	}
	ike-group ike-s2s {
	dead-peer-detection {
	action clear
	interval 15
	timeout 30
	}
	ikev2-reauth no
	key-exchange ikev2
	lifetime 28800
	proposal 1 {
	dh-group 20
	encryption aes128gcm128
	hash sha256
	}
	}
	ipsec-interfaces {
	interface eth1.1000
	}
	site-to-site {
	peer 172.30.1.2 {
	authentication {
	id 172.30.1.1
	mode pre-shared-secret
	pre-shared-secret ****************
	}
	connection-type initiate
	default-esp-group esp-s2s
	ike-group ike-s2s
	ikev2-reauth inherit
	local-address 172.30.1.1
	vti {
	bind vti0
	esp-group esp-s2s
	}
	}
	}
	}
	}