summaryrefslogtreecommitdiff
path: root/docs/appendix/examples/azure-vpn-dual-bgp.rst
diff options
context:
space:
mode:
Diffstat (limited to 'docs/appendix/examples/azure-vpn-dual-bgp.rst')
-rw-r--r--docs/appendix/examples/azure-vpn-dual-bgp.rst16
1 files changed, 8 insertions, 8 deletions
diff --git a/docs/appendix/examples/azure-vpn-dual-bgp.rst b/docs/appendix/examples/azure-vpn-dual-bgp.rst
index 4cbcde3b..27007709 100644
--- a/docs/appendix/examples/azure-vpn-dual-bgp.rst
+++ b/docs/appendix/examples/azure-vpn-dual-bgp.rst
@@ -55,7 +55,7 @@ Vyos configuration
- Configure the IKE and ESP settings to match a subset
of those supported by Azure:
-.. code-block:: sh
+.. code-block:: console
set vpn ipsec esp-group AZURE compression 'disable'
set vpn ipsec esp-group AZURE lifetime '3600'
@@ -76,13 +76,13 @@ Vyos configuration
- Enable IPsec on eth0
-.. code-block:: sh
+.. code-block:: console
set vpn ipsec ipsec-interfaces interface 'eth0'
- Configure two VTIs with a dummy IP address each
-.. code-block:: sh
+.. code-block:: console
set interfaces vti vti1 address '10.10.1.5/32'
set interfaces vti vti1 description 'Azure Primary Tunnel'
@@ -92,14 +92,14 @@ Vyos configuration
- Clamp the VTI's MSS to 1350 to avoid PMTU blackholes.
-.. code-block:: sh
+.. code-block:: console
set firewall options interface vti1 adjust-mss 1350
set firewall options interface vti2 adjust-mss 1350
- Configure the VPN tunnels
-.. code-block:: sh
+.. code-block:: console
set vpn ipsec site-to-site peer 203.0.113.2 authentication id '198.51.100.3'
set vpn ipsec site-to-site peer 203.0.113.2 authentication mode 'pre-shared-secret'
@@ -127,14 +127,14 @@ Vyos configuration
- **Important**: Add an interface route to reach both Azure's BGP listeners
-.. code-block:: sh
+.. code-block:: console
set protocols static interface-route 10.0.0.4/32 next-hop-interface vti1
set protocols static interface-route 10.0.0.5/32 next-hop-interface vti2
- Configure your BGP settings
-.. code-block:: sh
+.. code-block:: console
set protocols bgp 64499 neighbor 10.0.0.4 remote-as '65540'
set protocols bgp 64499 neighbor 10.0.0.4 address-family ipv4-unicast soft-reconfiguration 'inbound'
@@ -149,7 +149,7 @@ Vyos configuration
- **Important**: Disable connected check, otherwise the routes learned
from Azure will not be imported into the routing table.
-.. code-block:: sh
+.. code-block:: console
set protocols bgp 64499 neighbor 10.0.0.4 disable-connected-check
set protocols bgp 64499 neighbor 10.0.0.5 disable-connected-check
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 03:55:24 +0000