diff options
| author | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2021-06-29 11:06:44 +0200 |
|---|---|---|
| committer | sarthurdev <965089+sarthurdev@users.noreply.github.com> | 2021-06-29 21:26:44 +0200 |
| commit | f5a8a9cdfe52c331177c8bc7b8fb84fc08d4f60a (patch) | |
| tree | 932113197018d823ca83e092139c8a06f89e3b99 /smoketest/configs/pki-ipsec | |
| parent | 6f66e71e4622c54058b8689d4be730905d69fe22 (diff) | |
| download | vyos-1x-f5a8a9cdfe52c331177c8bc7b8fb84fc08d4f60a.tar.gz vyos-1x-f5a8a9cdfe52c331177c8bc7b8fb84fc08d4f60a.zip | |
pki: ipsec: T3642: Migrate IPSec to use PKI configuration
Diffstat (limited to 'smoketest/configs/pki-ipsec')
| -rw-r--r-- | smoketest/configs/pki-ipsec | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/smoketest/configs/pki-ipsec b/smoketest/configs/pki-ipsec new file mode 100644 index 000000000..7708a3cdd --- /dev/null +++ b/smoketest/configs/pki-ipsec @@ -0,0 +1,95 @@ +interfaces { + dummy dum0 { + address 172.20.0.1/30 + } + ethernet eth0 { + address 192.168.150.1/24 + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/ + plaintext-password "" + } + } + } + ntp { + server time1.vyos.net { + } + server time2.vyos.net { + } + server time3.vyos.net { + } + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } +} +vpn { + ipsec { + esp-group MyESPGroup { + proposal 1 { + encryption aes128 + hash sha1 + } + } + ike-group MyIKEGroup { + proposal 1 { + dh-group 2 + encryption aes128 + hash sha1 + } + } + ipsec-interfaces { + interface eth0 + } + site-to-site { + peer 192.168.150.2 { + authentication { + mode x509 + x509 { + ca-cert-file ovpn_test_ca.pem + cert-file ovpn_test_server.pem + key { + file ovpn_test_server.key + } + } + } + default-esp-group MyESPGroup + ike-group MyIKEGroup + local-address 192.168.150.1 + tunnel 0 { + local { + prefix 172.20.0.0/24 + } + remote { + prefix 172.21.0.0/24 + } + } + } + } + } +} + + +// Warning: Do not remove the following line. +// vyos-config-version: "bgp@1:broadcast-relay@1:cluster@1:config-management@1:conntrack@2:conntrack-sync@2:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@22:ipoe-server@1:ipsec@6:isis@1:l2tp@3:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:policy@1:pppoe-server@5:pptp@2:qos@1:quagga@9:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@21:vrf@2:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.4-rolling-202106290839 |