swanctl.conf: change to host2host
Fix the problem of ipsec only working properly in client -> server direction, as described in OS#5675.
This commit is contained in:
parent
6348c040a4
commit
161cadfd3b
|
@ -15,7 +15,7 @@ How to use:
|
|||
* server: copy server.network contents to /etc/systemd/network/
|
||||
* client: copy client.network contents to /etc/systemd/network/
|
||||
* client and server: start charon-systemd (debian: `systemctl start strongswan`)
|
||||
* client: run `swanctl --initiate --child home`
|
||||
* client: run `swanctl --initiate --child host-host`
|
||||
* client: run `client.gtp.sh`
|
||||
* server: run `server.gtp.sh`
|
||||
|
||||
|
|
|
@ -1,6 +1,6 @@
|
|||
connections {
|
||||
|
||||
home {
|
||||
host-host {
|
||||
local_addrs = 10.0.0.2
|
||||
remote_addrs = 10.0.0.1
|
||||
|
||||
|
@ -13,9 +13,9 @@ connections {
|
|||
id = moon.strongswan.org
|
||||
}
|
||||
children {
|
||||
home {
|
||||
remote_ts = 10.1.0.0/16
|
||||
|
||||
host-host {
|
||||
local_ts = 10.1.0.2
|
||||
remote_ts = 10.1.0.1
|
||||
updown = /usr/lib/ipsec/_updown iptables
|
||||
# esp_proposals = aes128gcm128-x25519
|
||||
esp_proposals = null-null
|
||||
|
|
|
@ -1,7 +1,8 @@
|
|||
connections {
|
||||
|
||||
rw {
|
||||
host-host {
|
||||
local_addrs = 10.0.0.1
|
||||
remote_addrs = 10.0.0.2
|
||||
|
||||
local {
|
||||
auth = pubkey
|
||||
|
@ -12,9 +13,9 @@ connections {
|
|||
auth = psk
|
||||
}
|
||||
children {
|
||||
net {
|
||||
local_ts = 10.1.0.0/16
|
||||
|
||||
host-host {
|
||||
local_ts = 10.1.0.1
|
||||
remote_ts = 10.1.0.2
|
||||
updown = /usr/lib/ipsec/_updown iptables
|
||||
# esp_proposals = aes128gcm128-x25519
|
||||
esp_proposals = null-null
|
||||
|
|
Loading…
Reference in New Issue