| 12345678910111213141516171819202122232425 |
- # /etc/ipsec.conf - strongSwan IPsec configuration file
- config setup
- strictcrlpolicy=yes
- ca strongswan-ca
- cacert=strongswanCert.pem
- ocspuri1=http://bob.strongswan.org:8800
- ocspuri2=http://ocsp2.strongswan.org:8880
- auto=add
- conn %default
- keyexchange=ikev2
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- conn rw
- left=PH_IP_MOON
- leftcert=moonCert.pem
- leftid=@moon.strongswan.org
- leftsubnet=10.1.0.0/16
- right=%any
- auto=add
|
