| 1234567891011121314151617181920212223242526 |
- # /etc/ipsec.conf - strongSwan IPsec configuration file
- config setup
- strictcrlpolicy=yes
- conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- ike=aes256-sha256-newhope128!
- esp=aes256-sha256!
- authby=pubkey
- fragmentation=yes
- conn rw
- left=PH_IP_MOON
- leftsubnet=10.1.0.0/16
- leftcert=moonCert.der
- leftauth=bliss-sha512
- leftid=moon.strongswan.org
- leftfirewall=yes
- right=%any
- rightsourceip=10.3.0.0/28
- auto=add
|
