diff options
Diffstat (limited to 'smoketest/configs')
| -rw-r--r-- | smoketest/configs/bgp-azure-ipsec-gateway | 17 | ||||
| -rw-r--r-- | smoketest/configs/pki-ipsec | 27 | ||||
| -rw-r--r-- | smoketest/configs/pki-misc | 98 |
3 files changed, 134 insertions, 8 deletions
diff --git a/smoketest/configs/bgp-azure-ipsec-gateway b/smoketest/configs/bgp-azure-ipsec-gateway index 0862531fd..ddcd459ae 100644 --- a/smoketest/configs/bgp-azure-ipsec-gateway +++ b/smoketest/configs/bgp-azure-ipsec-gateway @@ -307,6 +307,7 @@ system { } vpn { ipsec { + auto-update 120 esp-group ESP-AZURE { compression disable lifetime 27000 @@ -341,35 +342,35 @@ vpn { log-modes ike } site-to-site { - peer 51.105.0.2 { + peer 51.105.0.1 { authentication { mode pre-shared-secret pre-shared-secret averysecretpsktowardsazure } connection-type respond + default-esp-group ESP-AZURE ike-group IKE-AZURE ikev2-reauth inherit local-address 192.0.2.189 vti { bind vti51 - esp-group ESP-AZURE } } - peer 51.105.0.3 { + peer 51.105.0.2 { authentication { mode pre-shared-secret pre-shared-secret averysecretpsktowardsazure } connection-type respond + default-esp-group ESP-AZURE ike-group IKE-AZURE ikev2-reauth inherit local-address 192.0.2.189 vti { bind vti52 - esp-group ESP-AZURE } } - peer 51.105.0.246 { + peer 51.105.0.3 { authentication { mode pre-shared-secret pre-shared-secret averysecretpsktowardsazure @@ -383,7 +384,7 @@ vpn { esp-group ESP-AZURE } } - peer 51.105.0.247 { + peer 51.105.0.4 { authentication { mode pre-shared-secret pre-shared-secret averysecretpsktowardsazure @@ -397,7 +398,7 @@ vpn { esp-group ESP-AZURE } } - peer 51.105.0.18 { + peer 51.105.0.5 { authentication { mode pre-shared-secret pre-shared-secret averysecretpsktowardsazure @@ -411,7 +412,7 @@ vpn { esp-group ESP-AZURE } } - peer 51.105.0.19 { + peer 51.105.0.6 { authentication { mode pre-shared-secret pre-shared-secret averysecretpsktowardsazure diff --git a/smoketest/configs/pki-ipsec b/smoketest/configs/pki-ipsec index 5025117f7..6fc239d27 100644 --- a/smoketest/configs/pki-ipsec +++ b/smoketest/configs/pki-ipsec @@ -105,6 +105,33 @@ vpn { } } } + l2tp { + remote-access { + authentication { + local-users { + username alice { + password notsecure + } + } + mode local + } + client-ip-pool { + start 192.168.255.2 + stop 192.168.255.254 + } + ipsec-settings { + authentication { + mode x509 + x509 { + ca-cert-file /config/auth/ovpn_test_ca.pem + server-cert-file /config/auth/ovpn_test_server.pem + server-key-file /config/auth/ovpn_test_server.key + } + } + } + outside-address 192.168.150.1 + } + } rsa-keys { local-key { file /config/auth/ovpn_test_server.key diff --git a/smoketest/configs/pki-misc b/smoketest/configs/pki-misc new file mode 100644 index 000000000..c90226a2a --- /dev/null +++ b/smoketest/configs/pki-misc @@ -0,0 +1,98 @@ +interfaces { + ethernet eth0 { + address 192.168.150.1/24 + } +} +service { + https { + certificates { + system-generated-certificate { + lifetime 365 + } + } + } +} +system { + config-management { + commit-revisions 100 + } + console { + device ttyS0 { + speed 115200 + } + } + host-name vyos + login { + user vyos { + authentication { + encrypted-password $6$2Ta6TWHd/U$NmrX0x9kexCimeOcYK1MfhMpITF9ELxHcaBU/znBq.X2ukQOj61fVI2UYP/xBzP4QtiTcdkgs7WOQMHWsRymO/ + plaintext-password "" + } + } + } + ntp { + server time1.vyos.net { + } + server time2.vyos.net { + } + server time3.vyos.net { + } + } + syslog { + global { + facility all { + level info + } + facility protocols { + level debug + } + } + } +} +vpn { + openconnect { + authentication { + local-users { + username test { + password test + } + } + mode local + } + network-settings { + client-ip-settings { + subnet 192.168.160.0/24 + } + } + ssl { + ca-cert-file /config/auth/ovpn_test_ca.pem + cert-file /config/auth/ovpn_test_server.pem + key-file /config/auth/ovpn_test_server.key + } + } + sstp { + authentication { + local-users { + username test { + password test + } + } + mode local + protocols mschap-v2 + } + client-ip-pool { + subnet 192.168.170.0/24 + } + gateway-address 192.168.150.1 + ssl { + ca-cert-file /config/auth/ovpn_test_ca.pem + cert-file /config/auth/ovpn_test_server.pem + key-file /config/auth/ovpn_test_server.key + } + } +} + + +// Warning: Do not remove the following line. +// vyos-config-version: "bgp@1:broadcast-relay@1:cluster@1:config-management@1:conntrack@2:conntrack-sync@2:dhcp-relay@2:dhcp-server@5:dhcpv6-server@1:dns-forwarding@3:firewall@5:https@2:interfaces@22:ipoe-server@1:ipsec@6:isis@1:l2tp@3:lldp@1:mdns@1:nat@5:nat66@1:ntp@1:policy@1:pppoe-server@5:pptp@2:qos@1:quagga@9:rpki@1:salt@1:snmp@2:ssh@2:sstp@3:system@21:vrf@2:vrrp@2:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2:zone-policy@1" +// Release version: 1.4-rolling-202106290839 |