09-09-2016 10:00 PM
I need assistance with this please. I need remote access using l2tp to a 5600.
On a 5400 router, I find it to be very easy to enable ipsec on an interface by simply typing in this command:
set vpn ipsec ipsec-interfaces interface eth0
On the 5600, I cannot find a way to enable ipsec on an interface, I get to this point:
set security vpn ipsec ?
The documentation states that there should be a sub menu called ipsec interfaces
set security vpn ipsec ipsec-interfaces interface dp0p1p1
version of 5600 code is 5.0R2 evaluation.
10-02-2016 06:16 PM
04-06-2017 03:54 AM
I'm having the same issue. Here is the completion:
vyatta@asc# set security vpn ipsec
<Enter> Execute the current command
auto-update Set auto-update interval for IPsec daemon. [Deprecated]
disable-uniqreqids <No help text available> [Deprecated]
+> esp-group Name of Encapsulating Security Payload (ESP) group
+> ike-group Name of Internet Key Exchange (IKE) group
> logging IPsec logging
> nat-networks Network Address Translation (NAT) networks
nat-traversal Network Address Translation (NAT) traversal [Deprecated]
+> profile VPN IPSec Profile
> site-to-site Site to site VPN
I am going through the IPSec course for the 5600 in the learning portal, and the command is there for step one of setting up a tunnel, but it's not actually there when I check.
04-06-2017 09:09 AM
"set security vpn ipsec ipsec-interfaces" is not a supported command on 5600, and it is not needed. You can have IPsec Site-to-Site working fine on 5600 without that command. It is unfortunate that our training materials still mention that command. Please disregard it and move on.