Difference between revisions of "Azure"

From VyOS Wiki
Jump to: navigation, search
(Created page with "Azure related page")
 
Line 1: Line 1:
Azure related page
+
vpn {
 +
    ipsec {
 +
        esp-group esp-azure {
 +
            compression disable
 +
            mode tunnel
 +
            pfs disable
 +
            proposal 1 {
 +
                encryption aes256
 +
                hash sha1
 +
            }
 +
        }
 +
        ike-group ike-azure {
 +
            lifetime 28800
 +
            proposal 1 {
 +
                dh-group 2
 +
                encryption aes256
 +
                hash sha1
 +
            }
 +
        }
 +
        ipsec-interfaces {
 +
            interface eth0
 +
        }
 +
        logging {
 +
            log-modes all
 +
        }
 +
        nat-traversal disable
 +
        site-to-site {
 +
            peer 5.8.9.1 {
 +
                authentication {
 +
                    mode pre-shared-secret
 +
                    pre-shared-secret xQ4JvYcY8ftwVg4Wa2gB3E9t
 +
                }
 +
                connection-type respond
 +
                default-esp-group esp-azure
 +
                ike-group ike-azure
 +
                local-address 5.9.5.5
 +
                tunnel 1 {
 +
                    allow-nat-networks disable
 +
                    allow-public-networks disable
 +
                    esp-group esp-azure
 +
                    local {
 +
                        prefix 192.0.2.0/24
 +
                    }
 +
                    remote {
 +
                        prefix 10.219.0.0/20
 +
                    }
 +
                }
 +
            }
 +
        }
 +
    }
 +
}

Revision as of 00:01, 4 April 2017

vpn {
    ipsec {
        esp-group esp-azure {
            compression disable
            mode tunnel
            pfs disable
            proposal 1 {
                encryption aes256
                hash sha1
            }
        }
        ike-group ike-azure {
            lifetime 28800
            proposal 1 {
                dh-group 2
                encryption aes256
                hash sha1
            }
        }
        ipsec-interfaces {
            interface eth0
        }
        logging {
            log-modes all
        }
        nat-traversal disable
        site-to-site {
            peer 5.8.9.1 {
                authentication {
                    mode pre-shared-secret
                    pre-shared-secret xQ4JvYcY8ftwVg4Wa2gB3E9t
                }
                connection-type respond
                default-esp-group esp-azure
                ike-group ike-azure
                local-address 5.9.5.5
                tunnel 1 {
                    allow-nat-networks disable
                    allow-public-networks disable
                    esp-group esp-azure
                    local {
                        prefix 192.0.2.0/24
                    }
                    remote {
                        prefix 10.219.0.0/20
                    }
                }
            }
        }
    }
}