| 123456789101112131415161718192021222324252627282930313233 |
- # /etc/ipsec.conf - strongSwan IPsec configuration file
- config setup
- ca strongswan
- cacert=strongswanCert.pem
- crluri=http://crl.strongswan.org/strongswan.crl
- auto=add
- conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftsendcert=ifasked
- leftid=@moon.strongswan.org
- conn alice
- leftsubnet=PH_IP_ALICE/32
- right=PH_IP_CAROL
- rightid=carol@strongswan.org
- rightca="C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
- auto=add
-
- conn venus
- leftsubnet=PH_IP_VENUS/32
- right=PH_IP_DAVE
- rightid=dave@strongswan.org
- rightca="C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
- auto=add
|
