forked from libreswan/libreswan
-
Notifications
You must be signed in to change notification settings - Fork 0
/
east.conf
27 lines (24 loc) · 877 Bytes
/
east.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
# /etc/ipsec.conf - Strongswan IPsec configuration file
config setup
# setup items now go into strongswan.conf for version 5+
conn westnet-eastnet-ikev2
authby=rsasig
#auto=start
left=192.1.2.45
leftsubnet=192.0.1.0/24
leftrsasigkey=%cert
leftcert=/etc/strongswan/ipsec.d/certs/west.crt
leftsendcert=never
leftid="C=CA, ST=Ontario, O=Libreswan, OU=Test Department, CN=west.testing.libreswan.org, E=testing.libreswan.org"
right=192.1.2.23
rightsubnet=192.0.2.0/24
rightrsasigkey=%cert
rightcert=/etc/strongswan/ipsec.d/certs/east.crt
rightsendcert=never
rightid="C=CA/ST=Ontario/O=Libreswan/OU=Test Department/CN=east.testing.libreswan.org/E=testing.libreswan.org"
# strongswan options
keyexchange=ikev2
auto=add
fragmentation=yes
#strongswan cannot include this, due to incompatible options
#include /testing/baseconfigs/all/etc/ipsec.d/ipsec.conf.common