File: ipsec.conf

package info (click to toggle)

libreswan 5.2-2.3

links: PTS, VCS
area: main
in suites: sid
size: 81,644 kB
sloc: ansic: 129,988; sh: 32,018; xml: 20,646; python: 10,303; makefile: 3,022; javascript: 1,506; sed: 574; yacc: 511; perl: 264; awk: 52

file content (43 lines) | stat: -rw-r--r-- 765 bytes

parent folder | download | duplicates (2)

# /etc/ipsec.conf - Libreswan IPsec configuration file

config setup
	ikev1-policy=accept
	logfile=/tmp/pluto.log
	logtime=no
	logappend=no
	dumpdir=/tmp
	plutodebug=all

conn base
	keyexchange=ikev1
	rightcert=east
	right=192.1.2.23
	rightmodecfgserver=yes
	leftmodecfgclient=yes
	modecfgpull=yes
	rightxauthserver=yes
	leftxauthclient=yes
	modecfgdns="1.2.3.4, 5.6.7.8"
	leftid=%fromcert
	rightid=%fromcert

conn any-east
	also=base
	left=%any
	leftaddresspool=192.0.2.101-192.0.2.200
	xauthby=alwaysok
	rightsubnet=0.0.0.0/0

conn road-east
	also=base
	# leftsubnet=<addresspool>
	left=%defaultroute
	rightsubnet=0.0.0.0/0
	leftcert=road

conn road-narrows-east
	also=base
	# leftsubnet=<addresspool>
	rightsubnet=192.0.2.0/24
	left=%defaultroute
	leftcert=road