| 12345678910111213141516171819202122232425262728 |
- # /etc/ipsec.conf - strongSwan IPsec configuration file
- config setup
- strictcrlpolicy=yes
- ca strongswan
- cacert=strongswanCert.pem
- ocspuri=http://ocsp.strongswan.org:8880
- auto=add
- conn %default
- ikelifetime=60m
- keylife=20m
- rekeymargin=3m
- keyingtries=1
- keyexchange=ikev2
- left=PH_IP_CAROL
- leftcert=carolCert.pem
- right=PH_IP_MOON
- rightid=@moon.strongswan.org
- conn alice
- rightsubnet=PH_IP_ALICE/32
- auto=add
-
- conn venus
- rightsubnet=PH_IP_VENUS/32
- auto=add
|
