VyOS Configurations - squatchulator/Tech-Journal GitHub Wiki
VyOS Configurations
Project 1
VyOS1 Commands:
configure
set system host-name vyos1-miles
set interfaces ethernet eth0 address 10.0.17.12/24
set interfaces ethernet eth0 description SEC440-WAN
set interfaces ethernet eth1 address 10.0.5.2/24
set interfaces ethernet eth1 description MILES-LAN
set interfaces ethernet eth2 address 10.0.6.2/24
set interfaces ethernet eth2 description MILES-OPT
set nat destination rule 10 description "Allow HTTP to LAN"
set nat destination rule 10 destination address 10.0.17.102
set nat destination rule 10 destination port 80
set nat destination rule 10 inbound-interface eth0
set nat destination rule 10 protocol tcp
set nat destination rule 10 translation address 10.0.5.100
set nat destination rule 10 translation port 80
set nat destination rule 20 description "Allow SSH to LAN"
set nat destination rule 20 destination address 10.0.17.102
set nat destination rule 20 destination port 22
set nat destination rule 20 inbound-interface eth0
set nat destination rule 20 protocol tcp
set nat destination rule 20 translation address 10.0.5.100
set nat destination rule 20 translation port 22
set nat source rule 10 description 'Allow NAT from LAN to WAN'
set nat source rule 10 outbound-interface eth0
set nat source rule 10 source address 10.0.5.0/24
set nat source rule 10 translation address masquerade
set service dns forwarding allow-from 10.0.5.0/24
set service dns forwarding listen-address 10.0.5.1
set service dns forwarding system
set service ssh listen-address 0.0.0.0
set protocols static route 0.0.0.0/0 next-hop 10.0.17.2
set system name-server 10.0.17.2
set high-availability vrrp group wangroup2 vrid 152
set high-availability vrrp group wangroup2 interface eth0
set high-availability vrrp group wangroup2 address 10.0.17.102/24
set high-availability vrrp group wangroup2 priority 200
set high-availability vrrp group langroup0 vrid 10
set high-availability vrrp group langroup0 interface eth1
set high-availability vrrp group langroup0 address 10.0.5.1/24
set high-availability vrrp group langroup0 priority 200
set high-availability vrrp group optgroup0 vrid 20
set high-availability vrrp group optgroup0 interface eth2
set high-availability vrrp group optgroup0 address 10.0.6.1/24
set high-availability vrrp group optgroup0 priority 200
commit
save
VyOS2 Commands
configure
set system host-name vyos2-miles
set interfaces ethernet eth0 10.0.17.72/24
set interfaces ethernet eth0 description SEC440-WAN
set interfaces ethernet eth1 10.0.5.3/24
set interfaces ethernet eth1 description MILES-LAN
set interfaces ethernet eth2 10.0.6.3/24
set interfaces ethernet eth2 description MILES-OPT
set nat destination rule 10 description "Allow HTTP to LAN"
set nat destination rule 10 destination address 10.0.17.102
set nat destination rule 10 destination port 80
set nat destination rule 10 inbound-interface eth0
set nat destination rule 10 protocol tcp
set nat destination rule 10 translation address 10.0.5.100
set nat destination rule 10 translation port 80
set nat destination rule 20 description "Allow SSH to LAN"
set nat destination rule 20 destination address 10.0.17.102
set nat destination rule 20 destination port 22
set nat destination rule 20 inbound-interface eth0
set nat destination rule 20 protocol tcp
set nat destination rule 20 translation address 10.0.5.100
set nat destination rule 20 translation port 22
set nat source rule 10 description 'Allow NAT from LAN to WAN'
set nat source rule 10 outbound-interface eth0
set nat source rule 10 source address 10.0.5.0/24
set nat source rule 10 translation address masquerade
set service dns forwarding allow-from 10.0.5.0/24
set service dns forwarding listen-address 10.0.5.1
set service dns forwarding system
set service ssh listen-address 0.0.0.0
set protocols static route 0.0.0.0/0 next-hop 10.0.17.2
set system name-server 10.0.17.2
set high-availability vrrp group wangroup2 vrid 152
set high-availability vrrp group wangroup2 interface eth0
set high-availability vrrp group wangroup2 address 10.0.17.102/24
set high-availability vrrp group wangroup2 priority 100
set high-availability vrrp group langroup0 vrid 10
set high-availability vrrp group langroup0 interface eth1
set high-availability vrrp group langroup0 address 10.0.5.1/24
set high-availability vrrp group langroup0 priority 100
set high-availability vrrp group optgroup0 vrid 20
set high-availability vrrp group optgroup0 interface eth2
set high-availability vrrp group optgroup0 address 10.0.6.1/24
set high-availability vrrp group optgroup0 priority 100
commit
save