interfaces { bridge br241 { address 172.0.0.1/24 member { interface eth0.241 { } interface vxlan241 { } } } ethernet eth0 { vif 241 { } } ethernet eth1 { address 10.1.2.2/24 mtu 1700 } ethernet eth2 { address dhcp } loopback lo { } vti vti10 { address 10.0.0.2/31 mtu 9000 } vxlan vxlan241 { link vti10 mtu 1500 remote 10.0.0.3 vni 241 } } protocols { static { route 10.1.3.0/24 { next-hop 10.1.2.1 { } } } } service { ssh { } } system { config-management { commit-revisions 100 } console { device ttyS0 { speed 115200 } } host-name link1 login { user vyos { authentication { encrypted-password "" plaintext-password "vyos" } } } ntp { server 0.pool.ntp.org { } server 1.pool.ntp.org { } server 2.pool.ntp.org { } } syslog { global { facility all { level info } facility protocols { level debug } } } } vpn { ipsec { esp-group ESP_DEFAULT { compression disable lifetime 3600 mode tunnel pfs dh-group19 proposal 10 { encryption aes256gcm128 hash sha256 } } ike-group IKEv2_DEFAULT { close-action none dead-peer-detection { action hold interval 30 timeout 120 } ikev2-reauth no key-exchange ikev2 lifetime 10800 mobike disable proposal 10 { dh-group 19 encryption aes256gcm128 hash sha256 } } ipsec-interfaces { interface eth1 } site-to-site { peer 10.1.3.3 { authentication { id 10.1.2.2 mode pre-shared-secret pre-shared-secret secretkey remote-id 10.1.3.3 } connection-type initiate ike-group IKEv2_DEFAULT ikev2-reauth inherit local-address 10.1.2.2 vti { bind vti10 esp-group ESP_DEFAULT } } } } } /* Warning: Do not remove the following line. */ /* === vyatta-config-version: "broadcast-relay@1:cluster@1:config-management@1:conntrack@1:conntrack-sync@1:dhcp-relay@2:dhcp-server@5:dns-forwarding@2:firewall@5:https@1:interfaces@8:ipsec@5:l2tp@2:lldp@1:mdns@1:nat@4:ntp@1:pptp@1:qos@1:quagga@6:snmp@1:ssh@1:sstp@2:system@16:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webgui@1:webproxy@2:zone-policy@1" === */ /* Release version: 1.3-rolling-202004051749 */