Azure

From VyOS Wiki
Revision as of 00:01, 4 April 2017 by Syncer (talk | contribs)
Jump to: navigation, search
vpn {
    ipsec {
        esp-group esp-azure {
            compression disable
            mode tunnel
            pfs disable
            proposal 1 {
                encryption aes256
                hash sha1
            }
        }
        ike-group ike-azure {
            lifetime 28800
            proposal 1 {
                dh-group 2
                encryption aes256
                hash sha1
            }
        }
        ipsec-interfaces {
            interface eth0
        }
        logging {
            log-modes all
        }
        nat-traversal disable
        site-to-site {
            peer 5.8.9.1 {
                authentication {
                    mode pre-shared-secret
                    pre-shared-secret xQ4JvYcY8ftwVg4Wa2gB3E9t
                }
                connection-type respond
                default-esp-group esp-azure
                ike-group ike-azure
                local-address 5.9.5.5
                tunnel 1 {
                    allow-nat-networks disable
                    allow-public-networks disable
                    esp-group esp-azure
                    local {
                        prefix 192.0.2.0/24
                    }
                    remote {
                        prefix 10.219.0.0/20
                    }
                }
            }
        }
    }
}