26 lines
471 B
Plaintext
26 lines
471 B
Plaintext
![]() |
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
||
|
|
||
|
config setup
|
||
|
plutodebug="control"
|
||
|
crlcheckinterval=180
|
||
|
strictcrlpolicy=no
|
||
|
charonstart=no
|
||
|
|
||
|
conn %default
|
||
|
ikelifetime=60m
|
||
|
keylife=20m
|
||
|
rekeymargin=3m
|
||
|
keyingtries=1
|
||
|
keyexchange=ikev1
|
||
|
ike=twofish256-sha2_512-modp4096!
|
||
|
esp=twofish256-sha2_512!
|
||
|
|
||
|
conn home
|
||
|
left=PH_IP_CAROL
|
||
|
leftcert=carolCert.pem
|
||
|
leftid=carol@strongswan.org
|
||
|
right=PH_IP_MOON
|
||
|
rightsubnet=10.1.0.0/16
|
||
|
rightid=@moon.strongswan.org
|
||
|
auto=add
|