| 1234567891011121314151617181920212223242526 |
- # /etc/ipsec.conf - strongSwan IPsec configuration file
- config setup
- strictcrlpolicy=yes
- conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes256-sha256-newhope128!
- esp=aes256-sha256!
- authby=pubkey
- fragmentation=yes
- conn home
- left=PH_IP_CAROL
- leftsourceip=%config
- leftcert=carolCert.der
- leftid=carol@strongswan.org
- leftfirewall=yes
- right=PH_IP_MOON
- rightsubnet=10.1.0.0/16
- rightid=moon.strongswan.org
- auto=add
|
