LogoLogo
Island Router CLI Reference Guide 2.3.2
Island Documentation IntroductionIsland Router CLI Reference Guide 2.3.2
Island Router CLI Reference Guide 2.3.2
Island Documentation IntroductionIsland Router CLI Reference Guide 2.3.2
  • Overview
  • Context Sensitive Help
  • URL Format
  • Password Encryption and Public Key Authentication
  • Command Scheduler
  • Commands
    • auto-update
      • auto-update days
      • auto-update time
    • backup
      • backup interval
      • backup url
    • clear connections
    • clear dhcp-client
    • clear dump
    • clear everything
    • clear log
    • clear network
    • clear package
    • clear pin
    • clear ssh client-keys
    • clear ssh host-keys
    • clear ssh known-hosts
    • clear syslog
    • clear update
    • clear vpn-keys
    • compact
    • configure authorized-keys
    • configure known-hosts
    • configure network
    • configure terminal
    • description
    • duplex
    • end
    • ethernet polling
    • exit
    • help
    • history
      • history empty
      • history filter
      • history interval
      • history output-format
      • history rename
      • history url
      • history utc
    • hostname
    • interface
    • ip (interface context)
      • ip address
      • ip autoconfig
      • ip autovlan
      • ip arp-scan
      • ip arp-spoof
      • ip priority
      • ip dhcp6-client
      • ip dhcp6-server
      • ip dhcp-client
      • ip dhcp-lease
      • ip dhcp-monitor
      • ip dhcp-scope
      • ip dhcp-server
      • ip ident4
      • ip ident6
      • ip mtu
      • ip nat4
      • ip nat6
      • ip router-advertise
      • ip router-solicit
    • ip (global context)
      • ip ddns name
      • ip ddns ipv6
      • ip dhcp-reserve
      • ip dns local-only
      • ip dns mode
      • ip firewall
      • ip ipv6
      • ip load-sharing
      • ip max-clients
      • ip port-forward
      • ip route
    • led level
    • login confirm
    • login console
    • login remote
    • login support
    • mac output-format
    • ntp
    • package
    • packet level
    • parent
    • password
    • ping
    • reload
    • rollback
    • show clock
    • show config authorized-keys
    • show config known-hosts
    • show dumps
    • show free-space
    • show hardware
    • show history
    • show interface
    • show interface summary
    • show interface transceivers
    • show ip dhcp-reservations
    • show ip interface
    • show ip neighbors
    • show ip recommendations
    • show ip routes
    • show ip sockets
    • show log
    • show ntp
    • show packages
    • show public-key
    • show running-config
    • show ssh-client-keys
    • show startup-config
    • show stats
    • show syslog
    • show users
    • show vpns
    • show version
    • speed
    • ssh
    • stats
    • syslog
      • syslog level
      • syslog protocol
      • syslog server
    • telnet
    • terminal
      • terminal length
      • terminal terminal-type
      • terminal width
    • timezone
    • update
    • vpn key-exchange
    • vpn peer
      • vpn peer generate client
      • vpn peer host
      • vpn peer local-ip
      • vpn peer mac
      • vpn peer name
      • vpn peer public-key
      • vpn peer remote-ip
      • vpn peer route
      • vpn peer shutdown
      • vpn peer unapproved
      • vpn peer visible
    • vpn port
    • vpn renumber
    • vpn route
    • vpn server
      • vpn server auto-trust
      • vpn server auto-visible
      • vpn server no-local
      • vpn server pool
      • vpn server secret
    • vpn sort
    • write
      • write dump
      • write memory
      • write network
      • write syslog
      • write terminal
Powered by GitBook
On this page
  • Syntax
  • Syntax Description
  • Defaults
  • Usage Guidelines
  • Examples
  • Related Commands
Export as PDF
  1. Commands

vpn key-exchange

Exchange VPN keys and establish a VPN with a remote Island running the IslandExpress service.

Syntax

vpn key-exchange <host> <secret>

Syntax Description

Keyword
Description

host

The name or IP address of the remote Island running the IslandExpress service.

secret

Defaults

None; all parameters must be specified.

Usage Guidelines

Island supports an extention to the standard WireGuard protocol called IslandExpress that simplifies configuration of an Island-to-Island VPN. To use IslandExpress, one Island (typically the "hub" or "central" Island to which one or more remote Islands will be connecting) will configure and enable the IslandExpress service using the vpn server commands, including a shared secret phrase.

Once IslandExpress has been configured on an Island, other Islands can establish a VPN to it using only the vpn key-exchange command. Note that the IslandExpress service does not need to be configured on the Island on which the vpn key-exchange command is run.

By default, a VPN created using the vpn key-exchange command will be assigned a local IP address from a pool on the IslandExpress server to which it connects, and the IP address for traffic sent over the VPN will be translated to this address using NAT. However, once the VPN has been created, it can be modified as desired using the desired vpn peer commands.

A VPN created with this command will not be immediately available if the auto-trust option is enabled on the other Island. Refer to the vpn server auto-trust command for more information.

Examples

vpn key-exchange 198.51.100.28 mysecretpassword

Related Commands

PreviousupdateNextvpn peer

Last updated 2 months ago

The shared secret configured with the command on the remote Island.

vpn peer
vpn server
vpn server secret