interfaces { ethernet eth0 { address "192.168.7.228/24" } loopback lo { } tunnel tun100 { address "172.16.200.1/24" enable-multicast { } encapsulation "gre" parameters { ip { key "1" } } source-address "192.168.7.228" } } protocols { nhrp { tunnel tun100 { cisco-authentication "secret" holding-time "30" multicast "dynamic" redirect { } shortcut { } } } static { route 0.0.0.0/0 { next-hop 192.168.7.1 { } } } } service { ntp { allow-client { address "0.0.0.0/0" address "::/0" } server time1.vyos.net { } server time2.vyos.net { } server time3.vyos.net { } } ssh { } } system { config-management { commit-revisions "100" } conntrack { modules { ftp { } h323 { } nfs { } pptp { } sip { } sqlnet { } tftp { } } } console { device ttyS0 { speed "115200" } } host-name "hub" login { user vyos { authentication { encrypted-password "$6$W.ZYKBNeNG0HypzV$LgXBiLGUGctRRO0chfiARG/QjkyMS3Z3k/luAyT06nuSZceE0ZYbp0Q4ZEMvs9YZZxySZ1SuSdvXo3p/.bY8g/" plaintext-password "" } } } syslog { global { facility all { level "info" } facility local7 { level "debug" } } } } vpn { ipsec { esp-group ESP-HUB { lifetime "1800" mode "transport" pfs "dh-group2" proposal 1 { encryption "aes256" hash "sha512" } } ike-group IKE-HUB { close-action "none" dead-peer-detection { action "restart" interval "3" timeout "30" } key-exchange "ikev2" lifetime "3600" proposal 1 { dh-group "2" encryption "aes256" hash "sha256" } } interface "eth0" profile NHRPVPN { authentication { mode "pre-shared-secret" pre-shared-secret "secret" } bind { tunnel "tun100" } esp-group "ESP-HUB" ike-group "IKE-HUB" } } } // Warning: Do not remove the following line. // vyos-config-version: "bgp@4:broadcast-relay@1:cluster@1:config-management@1:conntrack@3:conntrack-sync@2:container@1:dhcp-relay@2:dhcp-server@6:dhcpv6-server@1:dns-dynamic@1:dns-forwarding@4:firewall@10:flow-accounting@1:https@4:ids@1:interfaces@28:ipoe-server@1:ipsec@12:isis@3:l2tp@4:lldp@1:mdns@1:monitoring@1:nat@5:nat66@1:ntp@2:openconnect@2:ospf@2:policy@5:pppoe-server@6:pptp@2:qos@2:quagga@11:rip@1:rpki@1:salt@1:snmp@3:ssh@2:sstp@4:system@26:vrf@3:vrrp@3:vyos-accel-ppp@2:wanloadbalance@3:webproxy@2" // Release version: 1.4-rolling-202306071355