36 lines
582 B
Plaintext
Executable File
36 lines
582 B
Plaintext
Executable File
# /etc/ipsec.conf - strongSwan IPsec configuration file
|
|
|
|
config setup
|
|
plutodebug=control
|
|
crlcheckinterval=180
|
|
strictcrlpolicy=yes
|
|
cachecrls=yes
|
|
charonstart=no
|
|
|
|
conn %default
|
|
ikelifetime=60m
|
|
keylife=20m
|
|
rekeymargin=3m
|
|
keyingtries=1
|
|
keyexchange=ikev1
|
|
left=PH_IP_MOON
|
|
leftcert=moonCert.pem
|
|
leftid=@moon.strongswan.org
|
|
|
|
conn net-net
|
|
leftsubnet=10.1.0.0/16
|
|
right=PH_IP_SUN
|
|
rightsubnet=10.2.0.0/16
|
|
rightid=@sun.strongswan.org
|
|
auto=add
|
|
|
|
conn host-host
|
|
right=PH_IP_SUN
|
|
rightid=@sun.strongswan.org
|
|
auto=add
|
|
|
|
conn rw
|
|
leftsubnet=10.1.0.0/16
|
|
right=%any
|
|
auto=add
|