55 lines
1.1 KiB
Plaintext
Executable File
55 lines
1.1 KiB
Plaintext
Executable File
connections {
|
|
|
|
gw-gw {
|
|
local_addrs = 192.168.0.1
|
|
remote_addrs = 192.168.0.2
|
|
|
|
local {
|
|
auth = psk
|
|
id = moon.strongswan.org
|
|
}
|
|
remote {
|
|
auth = psk
|
|
id = sun.strongswan.org
|
|
}
|
|
children {
|
|
net-net {
|
|
local_ts = 10.1.0.0/16
|
|
remote_ts = 10.2.0.0/16
|
|
|
|
updown = /usr/local/libexec/ipsec/_updown iptables
|
|
rekey_time = 5400
|
|
rekey_bytes = 500000000
|
|
rekey_packets = 1000000
|
|
esp_proposals = aes128gcm128-x25519
|
|
}
|
|
}
|
|
version = 2
|
|
mobike = no
|
|
reauth_time = 10800
|
|
proposals = aes128-sha256-x25519
|
|
}
|
|
}
|
|
|
|
secrets {
|
|
ike-1 {
|
|
id-1 = moon.strongswan.org
|
|
secret = 0x45a30759df97dc26a15b88ff
|
|
}
|
|
ike-2 {
|
|
id-2 = sun.strongswan.org
|
|
secret = "This is a strong password"
|
|
}
|
|
ike-3 {
|
|
id-3a = moon.strongswan.org
|
|
id-3b =sun.strongswan.org
|
|
secret = 0sv+NkxY9LLZvwj4qCC2o/gGrWDF2d21jL
|
|
}
|
|
ike-4 {
|
|
secret = 'My "home" is my "castle"!'
|
|
}
|
|
ike-5 {
|
|
id-5 = 192.168.0.1
|
|
secret = "Andi's home"
|
|
}
|
|
} |