#ログイン
ユーザ名、パスワードともに「vyos」
#ネットワークの設定
$ configure
# set interfaces ethernet eth0 address [IPADDRESS]/[MASK]
# set system gateway-address [GATEWAY ADDRESS]
# set system name-server [NAME SERVER ADDRESS]
# set system time-zone Asia/Tokyo
# delete system ntp server
# set system ntp server ntp.jst.mfeed.ad.jp
# set service ssh
# commit
# save
# exit
#疎通確認
$ ping 8.8.8.8
#ユーザ作成
$ configure
# set system login user [USERNAME]
# set system login user [USERNAME] authentication plaintext-password [PASSWORD]
# commit
# save
# exit
#初期ユーザ削除
$ configure
# delete system login user vyos
# commit
# save
# exit
#公開鍵認証の設定
$ ssh-keygen
$ cat ~/.ssh/id_rsa.pub
$ cat ~/.ssh/id_rsa
$ configure
# set system login user [USERNAME] authentication public-keys [USERNAME]@[HOSTNAME] type ssh-rsa
# set system login user [USERNAME] authentication public-keys [USERNAME]@[HOSTNAME] key [PUBKEY]
# set service ssh disable-password-authentication
# commit
# save
# exit
#IPsecの設定
$ configure
# set vpn ipsec ipsec-interfaces interface eth0
# set vpn ipsec nat-traversal enable
# set vpn ipsec nat-networks allowed-network 0.0.0.0/0
# commit
# save
#L2TPの設定
# set vpn l2tp remote-access outside-address [IPADDRESS]
# set vpn l2tp remote-access outside-nexthop [GATEWAY ADDRESS]
# set vpn l2tp remote-access client-ip-pool start 192.168.110.1
# set vpn l2tp remote-access client-ip-pool stop 192.168.110.100
# set vpn l2tp remote-access dns-servers server-1 8.8.8.8
# set vpn l2tp remote-access dns-servers server-2 8.8.4.4
# set vpn l2tp remote-access ipsec-settings authentication mode pre-shared-secret
# set vpn l2tp remote-access ipsec-settings authentication pre-shared-secret [SHARED SECRET]
# set vpn l2tp remote-access authentication mode local
# set vpn l2tp remote-access authentication local-users username [USERNAME] password [PASSWORD]
# commit
# save
#NAT設定
# set nat source rule 999 outbound-interface eth0
# set nat source rule 999 translation address masquerade
# commit
# save
# exit
#運用中に使うかもなコマンド
###クライアント側IPアドレス固定
set vpn l2tp remote-access authentication local-users username TESTUSER static-ip 192.168.1.105
###ユーザ無効化
set vpn l2tp remote-access authentication local-users username TESTUSER disable
#参考
さくらのVPSでVyattaを使ったVPNトンネルの構築
さくらのVPSにVyOSをインストールする
VyOSでIPSec VPNの設定