interfaces { ethernet eth0 { address "10.2.0.2/24" description "WAN-Kernel" } ethernet eth1 { address "10.3.0.2/24" description "WAN-VPP" } ethernet eth2 { address "100.64.2.1/24" description "LAN-Kernel" } ethernet eth3 { address "100.64.3.1/24" description "LAN-VPP" } ethernet eth4 { } ethernet eth5 { } ethernet eth6 { } ethernet eth7 { address "192.168.122.102/24" } loopback lo { } vti vti0 { address "10.255.0.2/30" description "IPsec-VTI-peer-initiator-001-cfg_000" } vti vti1 { address "10.255.0.6/30" description "IPsec-VTI-peer-initiator-001-cfg_001" } vti vti2 { address "10.255.0.10/30" description "IPsec-VTI-peer-initiator-001-cfg_002" } vti vti3 { address "10.255.0.14/30" description "IPsec-VTI-peer-initiator-001-cfg_003" } vti vti4 { address "10.255.0.18/30" description "IPsec-VTI-peer-initiator-001-cfg_004" } vti vti5 { address "10.255.0.22/30" description "IPsec-VTI-peer-initiator-001-cfg_005" } vti vti6 { address "10.255.0.26/30" description "IPsec-VTI-peer-initiator-001-cfg_006" } vti vti7 { address "10.255.0.30/30" description "IPsec-VTI-peer-initiator-001-cfg_007" } vti vti8 { address "10.255.0.34/30" description "IPsec-VTI-peer-initiator-001-cfg_008" } vti vti9 { address "10.255.0.38/30" description "IPsec-VTI-peer-initiator-001-cfg_009" } vti vti10 { address "10.255.0.42/30" description "IPsec-VTI-peer-initiator-001-cfg_010" } vti vti11 { address "10.255.0.46/30" description "IPsec-VTI-peer-initiator-001-cfg_011" } vti vti12 { address "10.255.0.50/30" description "IPsec-VTI-peer-initiator-001-cfg_012" } vti vti13 { address "10.255.0.54/30" description "IPsec-VTI-peer-initiator-001-cfg_013" } vti vti14 { address "10.255.0.58/30" description "IPsec-VTI-peer-initiator-001-cfg_014" } vti vti15 { address "10.255.0.62/30" description "IPsec-VTI-peer-initiator-001-cfg_015" } vti vti16 { address "10.255.0.66/30" description "IPsec-VTI-peer-initiator-001-cfg_024" } vti vti17 { address "10.255.0.70/30" description "IPsec-VTI-peer-initiator-001-cfg_025" } vti vti18 { address "10.255.0.74/30" description "IPsec-VTI-peer-initiator-001-cfg_026" } vti vti19 { address "10.255.0.78/30" description "IPsec-VTI-peer-initiator-001-cfg_027" } vti vti20 { address "10.255.0.82/30" description "IPsec-VTI-peer-initiator-001-cfg_028" } vti vti21 { address "10.255.0.86/30" description "IPsec-VTI-peer-initiator-001-cfg_029" } vti vti22 { address "10.255.0.90/30" description "IPsec-VTI-peer-initiator-001-cfg_030" } vti vti23 { address "10.255.0.94/30" description "IPsec-VTI-peer-initiator-001-cfg_031" } vti vti24 { address "10.255.0.98/30" description "IPsec-VTI-peer-initiator-001-cfg_032" } vti vti25 { address "10.255.0.102/30" description "IPsec-VTI-peer-initiator-001-cfg_033" } vti vti26 { address "10.255.0.106/30" description "IPsec-VTI-peer-initiator-001-cfg_034" } vti vti27 { address "10.255.0.110/30" description "IPsec-VTI-peer-initiator-001-cfg_035" } vti vti28 { address "10.255.0.114/30" description "IPsec-VTI-peer-initiator-001-cfg_036" } vti vti29 { address "10.255.0.118/30" description "IPsec-VTI-peer-initiator-001-cfg_037" } vti vti30 { address "10.255.0.122/30" description "IPsec-VTI-peer-initiator-001-cfg_038" } vti vti31 { address "10.255.0.126/30" description "IPsec-VTI-peer-initiator-001-cfg_039" } vti vti32 { address "10.255.0.130/30" description "IPsec-VTI-peer-initiator-001-cfg_040" } vti vti33 { address "10.255.0.134/30" description "IPsec-VTI-peer-initiator-001-cfg_041" } vti vti34 { address "10.255.0.138/30" description "IPsec-VTI-peer-initiator-001-cfg_042" } vti vti35 { address "10.255.0.142/30" description "IPsec-VTI-peer-initiator-001-cfg_043" } vti vti36 { address "10.255.0.146/30" description "IPsec-VTI-peer-initiator-001-cfg_044" } vti vti37 { address "10.255.0.150/30" description "IPsec-VTI-peer-initiator-001-cfg_045" } vti vti38 { address "10.255.0.154/30" description "IPsec-VTI-peer-initiator-001-cfg_046" } vti vti39 { address "10.255.0.158/30" description "IPsec-VTI-peer-initiator-001-cfg_047" } vti vti40 { address "10.255.0.162/30" description "IPsec-VTI-peer-initiator-001-cfg_048" } vti vti41 { address "10.255.0.166/30" description "IPsec-VTI-peer-initiator-001-cfg_049" } vti vti42 { address "10.255.0.170/30" description "IPsec-VTI-peer-initiator-001-cfg_050" } vti vti43 { address "10.255.0.174/30" description "IPsec-VTI-peer-initiator-001-cfg_051" } vti vti44 { address "10.255.0.178/30" description "IPsec-VTI-peer-initiator-001-cfg_052" } vti vti45 { address "10.255.0.182/30" description "IPsec-VTI-peer-initiator-001-cfg_053" } vti vti46 { address "10.255.0.186/30" description "IPsec-VTI-peer-initiator-001-cfg_054" } vti vti47 { address "10.255.0.190/30" description "IPsec-VTI-peer-initiator-001-cfg_055" } } protocols { static { route 0.0.0.0/0 { next-hop 10.2.0.1 { interface "eth0" } } route 10.0.0.2/32 { next-hop 10.2.0.1 { interface "eth0" } } route 10.1.0.2/32 { next-hop 10.3.0.1 { interface "eth1" } } route 172.16.1.0/24 { next-hop 10.255.0.1 { } } route 172.16.2.0/24 { next-hop 10.255.0.5 { } } route 172.16.3.0/24 { next-hop 10.255.0.9 { } } route 172.16.4.0/24 { next-hop 10.255.0.13 { } } route 172.16.5.0/24 { next-hop 10.255.0.17 { } } route 172.16.6.0/24 { next-hop 10.255.0.21 { } } route 172.16.7.0/24 { next-hop 10.255.0.25 { } } route 172.16.8.0/24 { next-hop 10.255.0.29 { } } route 172.16.9.0/24 { next-hop 10.255.0.33 { } } route 172.16.10.0/24 { next-hop 10.255.0.33 { } } route 172.16.11.0/24 { next-hop 10.255.0.37 { } } route 172.16.12.0/24 { next-hop 10.255.0.37 { } } route 172.16.13.0/24 { next-hop 10.255.0.41 { } } route 172.16.14.0/24 { next-hop 10.255.0.41 { } } route 172.16.15.0/24 { next-hop 10.255.0.45 { } } route 172.16.16.0/24 { next-hop 10.255.0.45 { } } route 172.16.17.0/24 { next-hop 10.255.0.49 { } } route 172.16.18.0/24 { next-hop 10.255.0.49 { } } route 172.16.19.0/24 { next-hop 10.255.0.53 { } } route 172.16.20.0/24 { next-hop 10.255.0.53 { } } route 172.16.21.0/24 { next-hop 10.255.0.57 { } } route 172.16.22.0/24 { next-hop 10.255.0.57 { } } route 172.16.23.0/24 { next-hop 10.255.0.61 { } } route 172.16.24.0/24 { next-hop 10.255.0.61 { } } route 172.16.37.0/24 { next-hop 10.255.0.65 { } } route 172.16.38.0/24 { next-hop 10.255.0.69 { } } route 172.16.39.0/24 { next-hop 10.255.0.73 { } } route 172.16.40.0/24 { next-hop 10.255.0.77 { } } route 172.16.41.0/24 { next-hop 10.255.0.81 { } } route 172.16.42.0/24 { next-hop 10.255.0.85 { } } route 172.16.43.0/24 { next-hop 10.255.0.89 { } } route 172.16.44.0/24 { next-hop 10.255.0.93 { } } route 172.16.45.0/24 { next-hop 10.255.0.97 { } } route 172.16.46.0/24 { next-hop 10.255.0.101 { } } route 172.16.47.0/24 { next-hop 10.255.0.105 { } } route 172.16.48.0/24 { next-hop 10.255.0.109 { } } route 172.16.49.0/24 { next-hop 10.255.0.113 { } } route 172.16.50.0/24 { next-hop 10.255.0.117 { } } route 172.16.51.0/24 { next-hop 10.255.0.121 { } } route 172.16.52.0/24 { next-hop 10.255.0.125 { } } route 172.16.53.0/24 { next-hop 10.255.0.129 { } } route 172.16.54.0/24 { next-hop 10.255.0.129 { } } route 172.16.55.0/24 { next-hop 10.255.0.133 { } } route 172.16.56.0/24 { next-hop 10.255.0.133 { } } route 172.16.57.0/24 { next-hop 10.255.0.137 { } } route 172.16.58.0/24 { next-hop 10.255.0.137 { } } route 172.16.59.0/24 { next-hop 10.255.0.141 { } } route 172.16.60.0/24 { next-hop 10.255.0.141 { } } route 172.16.61.0/24 { next-hop 10.255.0.145 { } } route 172.16.62.0/24 { next-hop 10.255.0.145 { } } route 172.16.63.0/24 { next-hop 10.255.0.149 { } } route 172.16.64.0/24 { next-hop 10.255.0.149 { } } route 172.16.65.0/24 { next-hop 10.255.0.153 { } } route 172.16.66.0/24 { next-hop 10.255.0.153 { } } route 172.16.67.0/24 { next-hop 10.255.0.157 { } } route 172.16.68.0/24 { next-hop 10.255.0.157 { } } route 172.16.69.0/24 { next-hop 10.255.0.161 { } } route 172.16.70.0/24 { next-hop 10.255.0.161 { } } route 172.16.71.0/24 { next-hop 10.255.0.165 { } } route 172.16.72.0/24 { next-hop 10.255.0.165 { } } route 172.16.73.0/24 { next-hop 10.255.0.169 { } } route 172.16.74.0/24 { next-hop 10.255.0.169 { } } route 172.16.75.0/24 { next-hop 10.255.0.173 { } } route 172.16.76.0/24 { next-hop 10.255.0.173 { } } route 172.16.77.0/24 { next-hop 10.255.0.177 { } } route 172.16.78.0/24 { next-hop 10.255.0.177 { } } route 172.16.79.0/24 { next-hop 10.255.0.181 { } } route 172.16.80.0/24 { next-hop 10.255.0.181 { } } route 172.16.81.0/24 { next-hop 10.255.0.185 { } } route 172.16.82.0/24 { next-hop 10.255.0.185 { } } route 172.16.83.0/24 { next-hop 10.255.0.189 { } } route 172.16.84.0/24 { next-hop 10.255.0.189 { } } route 172.17.1.0/24 { next-hop 100.64.2.10 { } } route 172.17.2.0/24 { next-hop 100.64.3.10 { } } route 172.17.3.0/24 { next-hop 100.64.2.10 { } } route 172.17.4.0/24 { next-hop 100.64.3.10 { } } route 172.17.5.0/24 { next-hop 100.64.2.10 { } } route 172.17.6.0/24 { next-hop 100.64.2.10 { } } route 172.17.7.0/24 { next-hop 100.64.3.10 { } } route 172.17.8.0/24 { next-hop 100.64.3.10 { } } route 172.17.9.0/24 { next-hop 100.64.2.10 { } } route 172.17.10.0/24 { next-hop 100.64.2.10 { } } route 172.17.11.0/24 { next-hop 100.64.3.10 { } } route 172.17.12.0/24 { next-hop 100.64.3.10 { } } route 172.17.13.0/24 { next-hop 100.64.2.10 { } } route 172.17.14.0/24 { next-hop 100.64.3.10 { } } route 172.17.15.0/24 { next-hop 100.64.2.10 { } } route 172.17.16.0/24 { next-hop 100.64.3.10 { } } route 172.17.17.0/24 { next-hop 100.64.2.10 { } } route 172.17.18.0/24 { next-hop 100.64.2.10 { } } route 172.17.19.0/24 { next-hop 100.64.3.10 { } } route 172.17.20.0/24 { next-hop 100.64.3.10 { } } route 172.17.21.0/24 { next-hop 100.64.2.10 { } } route 172.17.22.0/24 { next-hop 100.64.2.10 { } } route 172.17.23.0/24 { next-hop 100.64.3.10 { } } route 172.17.24.0/24 { next-hop 100.64.3.10 { } } route 172.17.25.0/24 { next-hop 100.64.2.10 { } } route 172.17.26.0/24 { next-hop 100.64.3.10 { } } route 172.17.27.0/24 { next-hop 100.64.2.10 { } } route 172.17.28.0/24 { next-hop 100.64.2.10 { } } route 172.17.29.0/24 { next-hop 100.64.3.10 { } } route 172.17.30.0/24 { next-hop 100.64.3.10 { } } route 172.17.31.0/24 { next-hop 100.64.2.10 { } } route 172.17.32.0/24 { next-hop 100.64.3.10 { } } route 172.17.33.0/24 { next-hop 100.64.2.10 { } } route 172.17.34.0/24 { next-hop 100.64.2.10 { } } route 172.17.35.0/24 { next-hop 100.64.3.10 { } } route 172.17.36.0/24 { next-hop 100.64.3.10 { } } route 172.17.37.0/24 { next-hop 100.64.2.10 { } } route 172.17.38.0/24 { next-hop 100.64.3.10 { } } route 172.17.39.0/24 { next-hop 100.64.2.10 { } } route 172.17.40.0/24 { next-hop 100.64.3.10 { } } route 172.17.41.0/24 { next-hop 100.64.2.10 { } } route 172.17.42.0/24 { next-hop 100.64.3.10 { } } route 172.17.43.0/24 { next-hop 100.64.2.10 { } } route 172.17.44.0/24 { next-hop 100.64.3.10 { } } route 172.17.45.0/24 { next-hop 100.64.2.10 { } } route 172.17.46.0/24 { next-hop 100.64.2.10 { } } route 172.17.47.0/24 { next-hop 100.64.3.10 { } } route 172.17.48.0/24 { next-hop 100.64.3.10 { } } route 172.17.49.0/24 { next-hop 100.64.2.10 { } } route 172.17.50.0/24 { next-hop 100.64.2.10 { } } route 172.17.51.0/24 { next-hop 100.64.3.10 { } } route 172.17.52.0/24 { next-hop 100.64.3.10 { } } route 172.17.53.0/24 { next-hop 100.64.2.10 { } } route 172.17.54.0/24 { next-hop 100.64.2.10 { } } route 172.17.55.0/24 { next-hop 100.64.3.10 { } } route 172.17.56.0/24 { next-hop 100.64.3.10 { } } route 172.17.57.0/24 { next-hop 100.64.2.10 { } } route 172.17.58.0/24 { next-hop 100.64.2.10 { } } route 172.17.59.0/24 { next-hop 100.64.3.10 { } } route 172.17.60.0/24 { next-hop 100.64.3.10 { } } route 172.17.61.0/24 { next-hop 100.64.2.10 { } } route 172.17.62.0/24 { next-hop 100.64.3.10 { } } route 172.17.63.0/24 { next-hop 100.64.2.10 { } } route 172.17.64.0/24 { next-hop 100.64.3.10 { } } route 172.17.65.0/24 { next-hop 100.64.2.10 { } } route 172.17.66.0/24 { next-hop 100.64.3.10 { } } route 172.17.67.0/24 { next-hop 100.64.2.10 { } } route 172.17.68.0/24 { next-hop 100.64.3.10 { } } route 172.17.69.0/24 { next-hop 100.64.2.10 { } } route 172.17.70.0/24 { next-hop 100.64.2.10 { } } route 172.17.71.0/24 { next-hop 100.64.3.10 { } } route 172.17.72.0/24 { next-hop 100.64.3.10 { } } route 172.17.73.0/24 { next-hop 100.64.2.10 { } } route 172.17.74.0/24 { next-hop 100.64.2.10 { } } route 172.17.75.0/24 { next-hop 100.64.3.10 { } } route 172.17.76.0/24 { next-hop 100.64.3.10 { } } route 172.17.77.0/24 { next-hop 100.64.2.10 { } } route 172.17.78.0/24 { next-hop 100.64.2.10 { } } route 172.17.79.0/24 { next-hop 100.64.3.10 { } } route 172.17.80.0/24 { next-hop 100.64.3.10 { } } route 172.17.81.0/24 { next-hop 100.64.2.10 { } } route 172.17.82.0/24 { next-hop 100.64.2.10 { } } route 172.17.83.0/24 { next-hop 100.64.3.10 { } } route 172.17.84.0/24 { next-hop 100.64.3.10 { } } route 172.17.85.0/24 { next-hop 100.64.2.10 { } } route 172.17.86.0/24 { next-hop 100.64.3.10 { } } route 172.17.87.0/24 { next-hop 100.64.2.10 { } } route 172.17.88.0/24 { next-hop 100.64.3.10 { } } route 172.17.89.0/24 { next-hop 100.64.2.10 { } } route 172.17.90.0/24 { next-hop 100.64.2.10 { } } route 172.17.91.0/24 { next-hop 100.64.3.10 { } } route 172.17.92.0/24 { next-hop 100.64.3.10 { } } route 172.17.93.0/24 { next-hop 100.64.2.10 { } } route 172.17.94.0/24 { next-hop 100.64.2.10 { } } route 172.17.95.0/24 { next-hop 100.64.3.10 { } } route 172.17.96.0/24 { next-hop 100.64.3.10 { } } route 172.17.97.0/24 { next-hop 100.64.2.10 { } } route 172.17.98.0/24 { next-hop 100.64.3.10 { } } route 172.17.99.0/24 { next-hop 100.64.2.10 { } } route 172.17.100.0/24 { next-hop 100.64.3.10 { } } route 172.17.101.0/24 { next-hop 100.64.2.10 { } } route 172.17.102.0/24 { next-hop 100.64.2.10 { } } route 172.17.103.0/24 { next-hop 100.64.3.10 { } } route 172.17.104.0/24 { next-hop 100.64.3.10 { } } route 172.17.105.0/24 { next-hop 100.64.2.10 { } } route 172.17.106.0/24 { next-hop 100.64.2.10 { } } route 172.17.107.0/24 { next-hop 100.64.3.10 { } } route 172.17.108.0/24 { next-hop 100.64.3.10 { } } } } service { ntp { allow-client { address "127.0.0.0/8" address "169.254.0.0/16" address "10.0.0.0/8" address "172.16.0.0/12" address "192.168.0.0/16" address "::1/128" address "fe80::/10" address "fc00::/7" } server time1.vyos.net { } server time2.vyos.net { } server time3.vyos.net { } } ssh { } } system { config-management { commit-revisions "100" } console { device ttyS0 { speed "115200" } } host-name "router-responder-001" login { operator-group default { command-policy { allow "*" } } user vyos { authentication { encrypted-password "$6$rounds=656000$4HtxAJtjvdM9mKsx$kO8pfolaMYKqHB3ECh11xVXR67gvIbhOz2XlmBpwnwTQ.MDLeD.9fP2v2uZg7YZSrQNI2efb84kxIKMpx8sOc/" plaintext-password "" } } } option { kernel { cpu { disable-nmi-watchdog isolate-cpus "2-3" nohz-full "2-3" rcu-no-cbs "2-3" } disable-hpet disable-mce disable-mitigations disable-softlockup memory { hugepage-size 2M { hugepage-count "1024" } } } reboot-on-upgrade-failure "5" } syslog { local { facility all { level "info" } facility local7 { level "debug" } } } } vpn { ipsec { authentication { psk peer-initiator-001-cfg_000 { id "responder-001-cfg_000" id "initiator-001-cfg_000" secret "secret-cfg_000" } psk peer-initiator-001-cfg_001 { id "responder-001-cfg_001" id "initiator-001-cfg_001" secret "secret-cfg_001" } psk peer-initiator-001-cfg_002 { id "responder-001-cfg_002" id "initiator-001-cfg_002" secret "secret-cfg_002" } psk peer-initiator-001-cfg_003 { id "responder-001-cfg_003" id "initiator-001-cfg_003" secret "secret-cfg_003" } psk peer-initiator-001-cfg_004 { id "responder-001-cfg_004" id "initiator-001-cfg_004" secret "secret-cfg_004" } psk peer-initiator-001-cfg_005 { id "responder-001-cfg_005" id "initiator-001-cfg_005" secret "secret-cfg_005" } psk peer-initiator-001-cfg_006 { id "responder-001-cfg_006" id "initiator-001-cfg_006" secret "secret-cfg_006" } psk peer-initiator-001-cfg_007 { id "responder-001-cfg_007" id "initiator-001-cfg_007" secret "secret-cfg_007" } psk peer-initiator-001-cfg_008 { id "responder-001-cfg_008" id "initiator-001-cfg_008" secret "secret-cfg_008" } psk peer-initiator-001-cfg_009 { id "responder-001-cfg_009" id "initiator-001-cfg_009" secret "secret-cfg_009" } psk peer-initiator-001-cfg_010 { id "responder-001-cfg_010" id "initiator-001-cfg_010" secret "secret-cfg_010" } psk peer-initiator-001-cfg_011 { id "responder-001-cfg_011" id "initiator-001-cfg_011" secret "secret-cfg_011" } psk peer-initiator-001-cfg_012 { id "responder-001-cfg_012" id "initiator-001-cfg_012" secret "secret-cfg_012" } psk peer-initiator-001-cfg_013 { id "responder-001-cfg_013" id "initiator-001-cfg_013" secret "secret-cfg_013" } psk peer-initiator-001-cfg_014 { id "responder-001-cfg_014" id "initiator-001-cfg_014" secret "secret-cfg_014" } psk peer-initiator-001-cfg_015 { id "responder-001-cfg_015" id "initiator-001-cfg_015" secret "secret-cfg_015" } psk peer-initiator-001-cfg_016 { id "responder-001-cfg_016" id "initiator-001-cfg_016" secret "secret-cfg_016" } psk peer-initiator-001-cfg_017 { id "responder-001-cfg_017" id "initiator-001-cfg_017" secret "secret-cfg_017" } psk peer-initiator-001-cfg_018 { id "responder-001-cfg_018" id "initiator-001-cfg_018" secret "secret-cfg_018" } psk peer-initiator-001-cfg_019 { id "responder-001-cfg_019" id "initiator-001-cfg_019" secret "secret-cfg_019" } psk peer-initiator-001-cfg_020 { id "responder-001-cfg_020" id "initiator-001-cfg_020" secret "secret-cfg_020" } psk peer-initiator-001-cfg_021 { id "responder-001-cfg_021" id "initiator-001-cfg_021" secret "secret-cfg_021" } psk peer-initiator-001-cfg_022 { id "responder-001-cfg_022" id "initiator-001-cfg_022" secret "secret-cfg_022" } psk peer-initiator-001-cfg_023 { id "responder-001-cfg_023" id "initiator-001-cfg_023" secret "secret-cfg_023" } psk peer-initiator-001-cfg_024 { id "responder-001-cfg_024" id "initiator-001-cfg_024" secret "secret-cfg_024" } psk peer-initiator-001-cfg_025 { id "responder-001-cfg_025" id "initiator-001-cfg_025" secret "secret-cfg_025" } psk peer-initiator-001-cfg_026 { id "responder-001-cfg_026" id "initiator-001-cfg_026" secret "secret-cfg_026" } psk peer-initiator-001-cfg_027 { id "responder-001-cfg_027" id "initiator-001-cfg_027" secret "secret-cfg_027" } psk peer-initiator-001-cfg_028 { id "responder-001-cfg_028" id "initiator-001-cfg_028" secret "secret-cfg_028" } psk peer-initiator-001-cfg_029 { id "responder-001-cfg_029" id "initiator-001-cfg_029" secret "secret-cfg_029" } psk peer-initiator-001-cfg_030 { id "responder-001-cfg_030" id "initiator-001-cfg_030" secret "secret-cfg_030" } psk peer-initiator-001-cfg_031 { id "responder-001-cfg_031" id "initiator-001-cfg_031" secret "secret-cfg_031" } psk peer-initiator-001-cfg_032 { id "responder-001-cfg_032" id "initiator-001-cfg_032" secret "secret-cfg_032" } psk peer-initiator-001-cfg_033 { id "responder-001-cfg_033" id "initiator-001-cfg_033" secret "secret-cfg_033" } psk peer-initiator-001-cfg_034 { id "responder-001-cfg_034" id "initiator-001-cfg_034" secret "secret-cfg_034" } psk peer-initiator-001-cfg_035 { id "responder-001-cfg_035" id "initiator-001-cfg_035" secret "secret-cfg_035" } psk peer-initiator-001-cfg_036 { id "responder-001-cfg_036" id "initiator-001-cfg_036" secret "secret-cfg_036" } psk peer-initiator-001-cfg_037 { id "responder-001-cfg_037" id "initiator-001-cfg_037" secret "secret-cfg_037" } psk peer-initiator-001-cfg_038 { id "responder-001-cfg_038" id "initiator-001-cfg_038" secret "secret-cfg_038" } psk peer-initiator-001-cfg_039 { id "responder-001-cfg_039" id "initiator-001-cfg_039" secret "secret-cfg_039" } psk peer-initiator-001-cfg_040 { id "responder-001-cfg_040" id "initiator-001-cfg_040" secret "secret-cfg_040" } psk peer-initiator-001-cfg_041 { id "responder-001-cfg_041" id "initiator-001-cfg_041" secret "secret-cfg_041" } psk peer-initiator-001-cfg_042 { id "responder-001-cfg_042" id "initiator-001-cfg_042" secret "secret-cfg_042" } psk peer-initiator-001-cfg_043 { id "responder-001-cfg_043" id "initiator-001-cfg_043" secret "secret-cfg_043" } psk peer-initiator-001-cfg_044 { id "responder-001-cfg_044" id "initiator-001-cfg_044" secret "secret-cfg_044" } psk peer-initiator-001-cfg_045 { id "responder-001-cfg_045" id "initiator-001-cfg_045" secret "secret-cfg_045" } psk peer-initiator-001-cfg_046 { id "responder-001-cfg_046" id "initiator-001-cfg_046" secret "secret-cfg_046" } psk peer-initiator-001-cfg_047 { id "responder-001-cfg_047" id "initiator-001-cfg_047" secret "secret-cfg_047" } psk peer-initiator-001-cfg_048 { id "responder-001-cfg_048" id "initiator-001-cfg_048" secret "secret-cfg_048" } psk peer-initiator-001-cfg_049 { id "responder-001-cfg_049" id "initiator-001-cfg_049" secret "secret-cfg_049" } psk peer-initiator-001-cfg_050 { id "responder-001-cfg_050" id "initiator-001-cfg_050" secret "secret-cfg_050" } psk peer-initiator-001-cfg_051 { id "responder-001-cfg_051" id "initiator-001-cfg_051" secret "secret-cfg_051" } psk peer-initiator-001-cfg_052 { id "responder-001-cfg_052" id "initiator-001-cfg_052" secret "secret-cfg_052" } psk peer-initiator-001-cfg_053 { id "responder-001-cfg_053" id "initiator-001-cfg_053" secret "secret-cfg_053" } psk peer-initiator-001-cfg_054 { id "responder-001-cfg_054" id "initiator-001-cfg_054" secret "secret-cfg_054" } psk peer-initiator-001-cfg_055 { id "responder-001-cfg_055" id "initiator-001-cfg_055" secret "secret-cfg_055" } psk peer-initiator-001-cfg_056 { id "responder-001-cfg_056" id "initiator-001-cfg_056" secret "secret-cfg_056" } psk peer-initiator-001-cfg_057 { id "responder-001-cfg_057" id "initiator-001-cfg_057" secret "secret-cfg_057" } psk peer-initiator-001-cfg_058 { id "responder-001-cfg_058" id "initiator-001-cfg_058" secret "secret-cfg_058" } psk peer-initiator-001-cfg_059 { id "responder-001-cfg_059" id "initiator-001-cfg_059" secret "secret-cfg_059" } psk peer-initiator-001-cfg_060 { id "responder-001-cfg_060" id "initiator-001-cfg_060" secret "secret-cfg_060" } psk peer-initiator-001-cfg_061 { id "responder-001-cfg_061" id "initiator-001-cfg_061" secret "secret-cfg_061" } psk peer-initiator-001-cfg_062 { id "responder-001-cfg_062" id "initiator-001-cfg_062" secret "secret-cfg_062" } psk peer-initiator-001-cfg_063 { id "responder-001-cfg_063" id "initiator-001-cfg_063" secret "secret-cfg_063" } psk peer-initiator-001-cfg_064 { id "responder-001-cfg_064" id "initiator-001-cfg_064" secret "secret-cfg_064" } psk peer-initiator-001-cfg_065 { id "responder-001-cfg_065" id "initiator-001-cfg_065" secret "secret-cfg_065" } psk peer-initiator-001-cfg_066 { id "responder-001-cfg_066" id "initiator-001-cfg_066" secret "secret-cfg_066" } psk peer-initiator-001-cfg_067 { id "responder-001-cfg_067" id "initiator-001-cfg_067" secret "secret-cfg_067" } psk peer-initiator-001-cfg_068 { id "responder-001-cfg_068" id "initiator-001-cfg_068" secret "secret-cfg_068" } psk peer-initiator-001-cfg_069 { id "responder-001-cfg_069" id "initiator-001-cfg_069" secret "secret-cfg_069" } psk peer-initiator-001-cfg_070 { id "responder-001-cfg_070" id "initiator-001-cfg_070" secret "secret-cfg_070" } psk peer-initiator-001-cfg_071 { id "responder-001-cfg_071" id "initiator-001-cfg_071" secret "secret-cfg_071" } } esp-group ESP-TUNNEL { lifetime "3600" mode "tunnel" pfs "dh-group14" proposal 10 { encryption "aes256" hash "sha256" } } esp-group ESP-VTI { lifetime "3600" mode "tunnel" pfs "dh-group14" proposal 10 { encryption "aes256" hash "sha256" } } ike-group IKE-GROUP { key-exchange "ikev2" lifetime "28800" proposal 10 { dh-group "14" encryption "aes256" hash "sha256" } } site-to-site { peer peer-initiator-001-cfg_000 { authentication { local-id "responder-001-cfg_000" mode "pre-shared-secret" remote-id "initiator-001-cfg_000" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti0" traffic-selector { local { prefix "172.17.1.0/24" } remote { prefix "172.16.1.0/24" } } } } peer peer-initiator-001-cfg_001 { authentication { local-id "responder-001-cfg_001" mode "pre-shared-secret" remote-id "initiator-001-cfg_001" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti1" traffic-selector { local { prefix "172.17.2.0/24" } remote { prefix "172.16.2.0/24" } } } } peer peer-initiator-001-cfg_002 { authentication { local-id "responder-001-cfg_002" mode "pre-shared-secret" remote-id "initiator-001-cfg_002" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti2" traffic-selector { local { prefix "172.17.3.0/24" } remote { prefix "172.16.3.0/24" } } } } peer peer-initiator-001-cfg_003 { authentication { local-id "responder-001-cfg_003" mode "pre-shared-secret" remote-id "initiator-001-cfg_003" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti3" traffic-selector { local { prefix "172.17.4.0/24" } remote { prefix "172.16.4.0/24" } } } } peer peer-initiator-001-cfg_004 { authentication { local-id "responder-001-cfg_004" mode "pre-shared-secret" remote-id "initiator-001-cfg_004" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti4" traffic-selector { local { prefix "172.17.5.0/24" prefix "172.17.6.0/24" } remote { prefix "172.16.5.0/24" } } } } peer peer-initiator-001-cfg_005 { authentication { local-id "responder-001-cfg_005" mode "pre-shared-secret" remote-id "initiator-001-cfg_005" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti5" traffic-selector { local { prefix "172.17.7.0/24" prefix "172.17.8.0/24" } remote { prefix "172.16.6.0/24" } } } } peer peer-initiator-001-cfg_006 { authentication { local-id "responder-001-cfg_006" mode "pre-shared-secret" remote-id "initiator-001-cfg_006" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti6" traffic-selector { local { prefix "172.17.9.0/24" prefix "172.17.10.0/24" } remote { prefix "172.16.7.0/24" } } } } peer peer-initiator-001-cfg_007 { authentication { local-id "responder-001-cfg_007" mode "pre-shared-secret" remote-id "initiator-001-cfg_007" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti7" traffic-selector { local { prefix "172.17.11.0/24" prefix "172.17.12.0/24" } remote { prefix "172.16.8.0/24" } } } } peer peer-initiator-001-cfg_008 { authentication { local-id "responder-001-cfg_008" mode "pre-shared-secret" remote-id "initiator-001-cfg_008" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti8" traffic-selector { local { prefix "172.17.13.0/24" } remote { prefix "172.16.9.0/24" prefix "172.16.10.0/24" } } } } peer peer-initiator-001-cfg_009 { authentication { local-id "responder-001-cfg_009" mode "pre-shared-secret" remote-id "initiator-001-cfg_009" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti9" traffic-selector { local { prefix "172.17.14.0/24" } remote { prefix "172.16.11.0/24" prefix "172.16.12.0/24" } } } } peer peer-initiator-001-cfg_010 { authentication { local-id "responder-001-cfg_010" mode "pre-shared-secret" remote-id "initiator-001-cfg_010" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti10" traffic-selector { local { prefix "172.17.15.0/24" } remote { prefix "172.16.13.0/24" prefix "172.16.14.0/24" } } } } peer peer-initiator-001-cfg_011 { authentication { local-id "responder-001-cfg_011" mode "pre-shared-secret" remote-id "initiator-001-cfg_011" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti11" traffic-selector { local { prefix "172.17.16.0/24" } remote { prefix "172.16.15.0/24" prefix "172.16.16.0/24" } } } } peer peer-initiator-001-cfg_012 { authentication { local-id "responder-001-cfg_012" mode "pre-shared-secret" remote-id "initiator-001-cfg_012" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti12" traffic-selector { local { prefix "172.17.17.0/24" prefix "172.17.18.0/24" } remote { prefix "172.16.17.0/24" prefix "172.16.18.0/24" } } } } peer peer-initiator-001-cfg_013 { authentication { local-id "responder-001-cfg_013" mode "pre-shared-secret" remote-id "initiator-001-cfg_013" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti13" traffic-selector { local { prefix "172.17.19.0/24" prefix "172.17.20.0/24" } remote { prefix "172.16.19.0/24" prefix "172.16.20.0/24" } } } } peer peer-initiator-001-cfg_014 { authentication { local-id "responder-001-cfg_014" mode "pre-shared-secret" remote-id "initiator-001-cfg_014" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti14" traffic-selector { local { prefix "172.17.21.0/24" prefix "172.17.22.0/24" } remote { prefix "172.16.21.0/24" prefix "172.16.22.0/24" } } } } peer peer-initiator-001-cfg_015 { authentication { local-id "responder-001-cfg_015" mode "pre-shared-secret" remote-id "initiator-001-cfg_015" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti15" traffic-selector { local { prefix "172.17.23.0/24" prefix "172.17.24.0/24" } remote { prefix "172.16.23.0/24" prefix "172.16.24.0/24" } } } } peer peer-initiator-001-cfg_016 { authentication { local-id "responder-001-cfg_016" mode "pre-shared-secret" remote-id "initiator-001-cfg_016" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.25.0/24" } remote { prefix "172.16.25.0/24" } } } peer peer-initiator-001-cfg_017 { authentication { local-id "responder-001-cfg_017" mode "pre-shared-secret" remote-id "initiator-001-cfg_017" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.26.0/24" } remote { prefix "172.16.26.0/24" } } } peer peer-initiator-001-cfg_018 { authentication { local-id "responder-001-cfg_018" mode "pre-shared-secret" remote-id "initiator-001-cfg_018" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.27.0/24" } remote { prefix "172.16.27.0/24" } } tunnel 11 { local { prefix "172.17.28.0/24" } remote { prefix "172.16.27.0/24" } } } peer peer-initiator-001-cfg_019 { authentication { local-id "responder-001-cfg_019" mode "pre-shared-secret" remote-id "initiator-001-cfg_019" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.29.0/24" } remote { prefix "172.16.28.0/24" } } tunnel 11 { local { prefix "172.17.30.0/24" } remote { prefix "172.16.28.0/24" } } } peer peer-initiator-001-cfg_020 { authentication { local-id "responder-001-cfg_020" mode "pre-shared-secret" remote-id "initiator-001-cfg_020" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.31.0/24" } remote { prefix "172.16.29.0/24" } } tunnel 11 { local { prefix "172.17.31.0/24" } remote { prefix "172.16.30.0/24" } } } peer peer-initiator-001-cfg_021 { authentication { local-id "responder-001-cfg_021" mode "pre-shared-secret" remote-id "initiator-001-cfg_021" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.32.0/24" } remote { prefix "172.16.31.0/24" } } tunnel 11 { local { prefix "172.17.32.0/24" } remote { prefix "172.16.32.0/24" } } } peer peer-initiator-001-cfg_022 { authentication { local-id "responder-001-cfg_022" mode "pre-shared-secret" remote-id "initiator-001-cfg_022" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.33.0/24" } remote { prefix "172.16.33.0/24" } } tunnel 11 { local { prefix "172.17.33.0/24" } remote { prefix "172.16.34.0/24" } } tunnel 12 { local { prefix "172.17.34.0/24" } remote { prefix "172.16.33.0/24" } } tunnel 13 { local { prefix "172.17.34.0/24" } remote { prefix "172.16.34.0/24" } } } peer peer-initiator-001-cfg_023 { authentication { local-id "responder-001-cfg_023" mode "pre-shared-secret" remote-id "initiator-001-cfg_023" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.35.0/24" } remote { prefix "172.16.35.0/24" } } tunnel 11 { local { prefix "172.17.35.0/24" } remote { prefix "172.16.36.0/24" } } tunnel 12 { local { prefix "172.17.36.0/24" } remote { prefix "172.16.35.0/24" } } tunnel 13 { local { prefix "172.17.36.0/24" } remote { prefix "172.16.36.0/24" } } } peer peer-initiator-001-cfg_024 { authentication { local-id "responder-001-cfg_024" mode "pre-shared-secret" remote-id "initiator-001-cfg_024" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti16" traffic-selector { local { prefix "172.17.37.0/24" } remote { prefix "172.16.37.0/24" } } } } peer peer-initiator-001-cfg_025 { authentication { local-id "responder-001-cfg_025" mode "pre-shared-secret" remote-id "initiator-001-cfg_025" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti17" traffic-selector { local { prefix "172.17.38.0/24" } remote { prefix "172.16.38.0/24" } } } } peer peer-initiator-001-cfg_026 { authentication { local-id "responder-001-cfg_026" mode "pre-shared-secret" remote-id "initiator-001-cfg_026" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti18" traffic-selector { local { prefix "172.17.39.0/24" } remote { prefix "172.16.39.0/24" } } } } peer peer-initiator-001-cfg_027 { authentication { local-id "responder-001-cfg_027" mode "pre-shared-secret" remote-id "initiator-001-cfg_027" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti19" traffic-selector { local { prefix "172.17.40.0/24" } remote { prefix "172.16.40.0/24" } } } } peer peer-initiator-001-cfg_028 { authentication { local-id "responder-001-cfg_028" mode "pre-shared-secret" remote-id "initiator-001-cfg_028" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti20" traffic-selector { local { prefix "172.17.41.0/24" } remote { prefix "172.16.41.0/24" } } } } peer peer-initiator-001-cfg_029 { authentication { local-id "responder-001-cfg_029" mode "pre-shared-secret" remote-id "initiator-001-cfg_029" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti21" traffic-selector { local { prefix "172.17.42.0/24" } remote { prefix "172.16.42.0/24" } } } } peer peer-initiator-001-cfg_030 { authentication { local-id "responder-001-cfg_030" mode "pre-shared-secret" remote-id "initiator-001-cfg_030" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti22" traffic-selector { local { prefix "172.17.43.0/24" } remote { prefix "172.16.43.0/24" } } } } peer peer-initiator-001-cfg_031 { authentication { local-id "responder-001-cfg_031" mode "pre-shared-secret" remote-id "initiator-001-cfg_031" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti23" traffic-selector { local { prefix "172.17.44.0/24" } remote { prefix "172.16.44.0/24" } } } } peer peer-initiator-001-cfg_032 { authentication { local-id "responder-001-cfg_032" mode "pre-shared-secret" remote-id "initiator-001-cfg_032" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti24" traffic-selector { local { prefix "172.17.45.0/24" prefix "172.17.46.0/24" } remote { prefix "172.16.45.0/24" } } } } peer peer-initiator-001-cfg_033 { authentication { local-id "responder-001-cfg_033" mode "pre-shared-secret" remote-id "initiator-001-cfg_033" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti25" traffic-selector { local { prefix "172.17.47.0/24" prefix "172.17.48.0/24" } remote { prefix "172.16.46.0/24" } } } } peer peer-initiator-001-cfg_034 { authentication { local-id "responder-001-cfg_034" mode "pre-shared-secret" remote-id "initiator-001-cfg_034" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti26" traffic-selector { local { prefix "172.17.49.0/24" prefix "172.17.50.0/24" } remote { prefix "172.16.47.0/24" } } } } peer peer-initiator-001-cfg_035 { authentication { local-id "responder-001-cfg_035" mode "pre-shared-secret" remote-id "initiator-001-cfg_035" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti27" traffic-selector { local { prefix "172.17.51.0/24" prefix "172.17.52.0/24" } remote { prefix "172.16.48.0/24" } } } } peer peer-initiator-001-cfg_036 { authentication { local-id "responder-001-cfg_036" mode "pre-shared-secret" remote-id "initiator-001-cfg_036" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti28" traffic-selector { local { prefix "172.17.53.0/24" prefix "172.17.54.0/24" } remote { prefix "172.16.49.0/24" } } } } peer peer-initiator-001-cfg_037 { authentication { local-id "responder-001-cfg_037" mode "pre-shared-secret" remote-id "initiator-001-cfg_037" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti29" traffic-selector { local { prefix "172.17.55.0/24" prefix "172.17.56.0/24" } remote { prefix "172.16.50.0/24" } } } } peer peer-initiator-001-cfg_038 { authentication { local-id "responder-001-cfg_038" mode "pre-shared-secret" remote-id "initiator-001-cfg_038" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti30" traffic-selector { local { prefix "172.17.57.0/24" prefix "172.17.58.0/24" } remote { prefix "172.16.51.0/24" } } } } peer peer-initiator-001-cfg_039 { authentication { local-id "responder-001-cfg_039" mode "pre-shared-secret" remote-id "initiator-001-cfg_039" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti31" traffic-selector { local { prefix "172.17.59.0/24" prefix "172.17.60.0/24" } remote { prefix "172.16.52.0/24" } } } } peer peer-initiator-001-cfg_040 { authentication { local-id "responder-001-cfg_040" mode "pre-shared-secret" remote-id "initiator-001-cfg_040" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti32" traffic-selector { local { prefix "172.17.61.0/24" } remote { prefix "172.16.53.0/24" prefix "172.16.54.0/24" } } } } peer peer-initiator-001-cfg_041 { authentication { local-id "responder-001-cfg_041" mode "pre-shared-secret" remote-id "initiator-001-cfg_041" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti33" traffic-selector { local { prefix "172.17.62.0/24" } remote { prefix "172.16.55.0/24" prefix "172.16.56.0/24" } } } } peer peer-initiator-001-cfg_042 { authentication { local-id "responder-001-cfg_042" mode "pre-shared-secret" remote-id "initiator-001-cfg_042" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti34" traffic-selector { local { prefix "172.17.63.0/24" } remote { prefix "172.16.57.0/24" prefix "172.16.58.0/24" } } } } peer peer-initiator-001-cfg_043 { authentication { local-id "responder-001-cfg_043" mode "pre-shared-secret" remote-id "initiator-001-cfg_043" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti35" traffic-selector { local { prefix "172.17.64.0/24" } remote { prefix "172.16.59.0/24" prefix "172.16.60.0/24" } } } } peer peer-initiator-001-cfg_044 { authentication { local-id "responder-001-cfg_044" mode "pre-shared-secret" remote-id "initiator-001-cfg_044" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti36" traffic-selector { local { prefix "172.17.65.0/24" } remote { prefix "172.16.61.0/24" prefix "172.16.62.0/24" } } } } peer peer-initiator-001-cfg_045 { authentication { local-id "responder-001-cfg_045" mode "pre-shared-secret" remote-id "initiator-001-cfg_045" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti37" traffic-selector { local { prefix "172.17.66.0/24" } remote { prefix "172.16.63.0/24" prefix "172.16.64.0/24" } } } } peer peer-initiator-001-cfg_046 { authentication { local-id "responder-001-cfg_046" mode "pre-shared-secret" remote-id "initiator-001-cfg_046" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti38" traffic-selector { local { prefix "172.17.67.0/24" } remote { prefix "172.16.65.0/24" prefix "172.16.66.0/24" } } } } peer peer-initiator-001-cfg_047 { authentication { local-id "responder-001-cfg_047" mode "pre-shared-secret" remote-id "initiator-001-cfg_047" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti39" traffic-selector { local { prefix "172.17.68.0/24" } remote { prefix "172.16.67.0/24" prefix "172.16.68.0/24" } } } } peer peer-initiator-001-cfg_048 { authentication { local-id "responder-001-cfg_048" mode "pre-shared-secret" remote-id "initiator-001-cfg_048" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti40" traffic-selector { local { prefix "172.17.69.0/24" prefix "172.17.70.0/24" } remote { prefix "172.16.69.0/24" prefix "172.16.70.0/24" } } } } peer peer-initiator-001-cfg_049 { authentication { local-id "responder-001-cfg_049" mode "pre-shared-secret" remote-id "initiator-001-cfg_049" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti41" traffic-selector { local { prefix "172.17.71.0/24" prefix "172.17.72.0/24" } remote { prefix "172.16.71.0/24" prefix "172.16.72.0/24" } } } } peer peer-initiator-001-cfg_050 { authentication { local-id "responder-001-cfg_050" mode "pre-shared-secret" remote-id "initiator-001-cfg_050" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti42" traffic-selector { local { prefix "172.17.73.0/24" prefix "172.17.74.0/24" } remote { prefix "172.16.73.0/24" prefix "172.16.74.0/24" } } } } peer peer-initiator-001-cfg_051 { authentication { local-id "responder-001-cfg_051" mode "pre-shared-secret" remote-id "initiator-001-cfg_051" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti43" traffic-selector { local { prefix "172.17.75.0/24" prefix "172.17.76.0/24" } remote { prefix "172.16.75.0/24" prefix "172.16.76.0/24" } } } } peer peer-initiator-001-cfg_052 { authentication { local-id "responder-001-cfg_052" mode "pre-shared-secret" remote-id "initiator-001-cfg_052" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti44" traffic-selector { local { prefix "172.17.77.0/24" prefix "172.17.78.0/24" } remote { prefix "172.16.77.0/24" prefix "172.16.78.0/24" } } } } peer peer-initiator-001-cfg_053 { authentication { local-id "responder-001-cfg_053" mode "pre-shared-secret" remote-id "initiator-001-cfg_053" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" vti { bind "vti45" traffic-selector { local { prefix "172.17.79.0/24" prefix "172.17.80.0/24" } remote { prefix "172.16.79.0/24" prefix "172.16.80.0/24" } } } } peer peer-initiator-001-cfg_054 { authentication { local-id "responder-001-cfg_054" mode "pre-shared-secret" remote-id "initiator-001-cfg_054" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti46" traffic-selector { local { prefix "172.17.81.0/24" prefix "172.17.82.0/24" } remote { prefix "172.16.81.0/24" prefix "172.16.82.0/24" } } } } peer peer-initiator-001-cfg_055 { authentication { local-id "responder-001-cfg_055" mode "pre-shared-secret" remote-id "initiator-001-cfg_055" } connection-type "none" default-esp-group "ESP-VTI" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" vti { bind "vti47" traffic-selector { local { prefix "172.17.83.0/24" prefix "172.17.84.0/24" } remote { prefix "172.16.83.0/24" prefix "172.16.84.0/24" } } } } peer peer-initiator-001-cfg_056 { authentication { local-id "responder-001-cfg_056" mode "pre-shared-secret" remote-id "initiator-001-cfg_056" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.85.0/24" } remote { prefix "172.16.85.0/24" } } } peer peer-initiator-001-cfg_057 { authentication { local-id "responder-001-cfg_057" mode "pre-shared-secret" remote-id "initiator-001-cfg_057" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.86.0/24" } remote { prefix "172.16.86.0/24" } } } peer peer-initiator-001-cfg_058 { authentication { local-id "responder-001-cfg_058" mode "pre-shared-secret" remote-id "initiator-001-cfg_058" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" tunnel 10 { local { prefix "172.17.87.0/24" } remote { prefix "172.16.87.0/24" } } } peer peer-initiator-001-cfg_059 { authentication { local-id "responder-001-cfg_059" mode "pre-shared-secret" remote-id "initiator-001-cfg_059" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" tunnel 10 { local { prefix "172.17.88.0/24" } remote { prefix "172.16.88.0/24" } } } peer peer-initiator-001-cfg_060 { authentication { local-id "responder-001-cfg_060" mode "pre-shared-secret" remote-id "initiator-001-cfg_060" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.89.0/24" } remote { prefix "172.16.89.0/24" } } tunnel 11 { local { prefix "172.17.90.0/24" } remote { prefix "172.16.89.0/24" } } } peer peer-initiator-001-cfg_061 { authentication { local-id "responder-001-cfg_061" mode "pre-shared-secret" remote-id "initiator-001-cfg_061" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.91.0/24" } remote { prefix "172.16.90.0/24" } } tunnel 11 { local { prefix "172.17.92.0/24" } remote { prefix "172.16.90.0/24" } } } peer peer-initiator-001-cfg_062 { authentication { local-id "responder-001-cfg_062" mode "pre-shared-secret" remote-id "initiator-001-cfg_062" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" tunnel 10 { local { prefix "172.17.93.0/24" } remote { prefix "172.16.91.0/24" } } tunnel 11 { local { prefix "172.17.94.0/24" } remote { prefix "172.16.91.0/24" } } } peer peer-initiator-001-cfg_063 { authentication { local-id "responder-001-cfg_063" mode "pre-shared-secret" remote-id "initiator-001-cfg_063" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" tunnel 10 { local { prefix "172.17.95.0/24" } remote { prefix "172.16.92.0/24" } } tunnel 11 { local { prefix "172.17.96.0/24" } remote { prefix "172.16.92.0/24" } } } peer peer-initiator-001-cfg_064 { authentication { local-id "responder-001-cfg_064" mode "pre-shared-secret" remote-id "initiator-001-cfg_064" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.97.0/24" } remote { prefix "172.16.93.0/24" } } tunnel 11 { local { prefix "172.17.97.0/24" } remote { prefix "172.16.94.0/24" } } } peer peer-initiator-001-cfg_065 { authentication { local-id "responder-001-cfg_065" mode "pre-shared-secret" remote-id "initiator-001-cfg_065" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.98.0/24" } remote { prefix "172.16.95.0/24" } } tunnel 11 { local { prefix "172.17.98.0/24" } remote { prefix "172.16.96.0/24" } } } peer peer-initiator-001-cfg_066 { authentication { local-id "responder-001-cfg_066" mode "pre-shared-secret" remote-id "initiator-001-cfg_066" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" tunnel 10 { local { prefix "172.17.99.0/24" } remote { prefix "172.16.97.0/24" } } tunnel 11 { local { prefix "172.17.99.0/24" } remote { prefix "172.16.98.0/24" } } } peer peer-initiator-001-cfg_067 { authentication { local-id "responder-001-cfg_067" mode "pre-shared-secret" remote-id "initiator-001-cfg_067" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" tunnel 10 { local { prefix "172.17.100.0/24" } remote { prefix "172.16.99.0/24" } } tunnel 11 { local { prefix "172.17.100.0/24" } remote { prefix "172.16.100.0/24" } } } peer peer-initiator-001-cfg_068 { authentication { local-id "responder-001-cfg_068" mode "pre-shared-secret" remote-id "initiator-001-cfg_068" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.101.0/24" } remote { prefix "172.16.101.0/24" } } tunnel 11 { local { prefix "172.17.101.0/24" } remote { prefix "172.16.102.0/24" } } tunnel 12 { local { prefix "172.17.102.0/24" } remote { prefix "172.16.101.0/24" } } tunnel 13 { local { prefix "172.17.102.0/24" } remote { prefix "172.16.102.0/24" } } } peer peer-initiator-001-cfg_069 { authentication { local-id "responder-001-cfg_069" mode "pre-shared-secret" remote-id "initiator-001-cfg_069" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.2.0.2" remote-address "10.0.0.2" tunnel 10 { local { prefix "172.17.103.0/24" } remote { prefix "172.16.103.0/24" } } tunnel 11 { local { prefix "172.17.103.0/24" } remote { prefix "172.16.104.0/24" } } tunnel 12 { local { prefix "172.17.104.0/24" } remote { prefix "172.16.103.0/24" } } tunnel 13 { local { prefix "172.17.104.0/24" } remote { prefix "172.16.104.0/24" } } } peer peer-initiator-001-cfg_070 { authentication { local-id "responder-001-cfg_070" mode "pre-shared-secret" remote-id "initiator-001-cfg_070" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" tunnel 10 { local { prefix "172.17.105.0/24" } remote { prefix "172.16.105.0/24" } } tunnel 11 { local { prefix "172.17.105.0/24" } remote { prefix "172.16.106.0/24" } } tunnel 12 { local { prefix "172.17.106.0/24" } remote { prefix "172.16.105.0/24" } } tunnel 13 { local { prefix "172.17.106.0/24" } remote { prefix "172.16.106.0/24" } } } peer peer-initiator-001-cfg_071 { authentication { local-id "responder-001-cfg_071" mode "pre-shared-secret" remote-id "initiator-001-cfg_071" } connection-type "none" default-esp-group "ESP-TUNNEL" ike-group "IKE-GROUP" local-address "10.3.0.2" remote-address "10.1.0.2" tunnel 10 { local { prefix "172.17.107.0/24" } remote { prefix "172.16.107.0/24" } } tunnel 11 { local { prefix "172.17.107.0/24" } remote { prefix "172.16.108.0/24" } } tunnel 12 { local { prefix "172.17.108.0/24" } remote { prefix "172.16.107.0/24" } } tunnel 13 { local { prefix "172.17.108.0/24" } remote { prefix "172.16.108.0/24" } } } } } } vpp { settings { interface eth1 { driver "dpdk" } interface eth3 { driver "dpdk" } ipsec { } memory { main-heap-size "1G" } unix { poll-sleep-usec "1000" } } } // Warning: Do not remove the following line. // vyos-config-version: "bgp@6:broadcast-relay@1:cluster@2:config-management@1:conntrack@6:conntrack-sync@2:container@3:dhcp-relay@2:dhcp-server@11:dhcpv6-server@6:dns-dynamic@4:dns-forwarding@4:firewall@20:flow-accounting@3:https@7:ids@2:interfaces@34:ipoe-server@4:ipsec@14:isis@3:l2tp@9:lldp@3:mdns@1:monitoring@2:nat@8:nat66@3:nhrp@1:ntp@3:openconnect@3:openvpn@4:ospf@2:pim@1:policy@9:pppoe-server@11:pptp@5:qos@3:quagga@12:reverse-proxy@3:rip@1:rpki@2:salt@1:snmp@3:ssh@3:sstp@6:system@30:vpp@4:vrf@3:vrrp@4:vyos-accel-ppp@2:wanloadbalance@4:webproxy@2" // Release version: 2026.01.05-0023-rolling