CloudEOS and vEOS Router (VTI IPsec Tunnel)

The IPsec tunnels represented in these examples include VTI IPsec tunnels between CloudEOS and vEOS Router instances and third party CSR router instances.

Running Configuration for CloudEOS and vEOS

ip security 
ike policy ikebranch1 
encryption aes256 
dh-group 15
sa policy sabranch1 
sa lifetime 2
pfs dh-group 14
profile hq
ike-policy ikebranch1
sa-policy sabranch1 
connection add
shared-key keyAristaHq 
dpd 10 50 clear

interface Tunnel1
ip address 
tunnel mode ipsec 
tunnel source
tunnel destination
tunnel key 100
tunnel ipsec profile hq

interface Ethernet1 
no switchport
ip address