Update IPSec configs templates
This commit is contained in:
Mykola Baibuz
parent
b0b185027e
commit
89d4c18e87
2 changed files with 10 additions and 12 deletions
|
|
@ -242,6 +242,7 @@ conn ikev2-cp
|
||||||
dpdtimeout=120
|
dpdtimeout=120
|
||||||
dpdaction=clear
|
dpdaction=clear
|
||||||
auto=add
|
auto=add
|
||||||
|
authby=rsa-sha1
|
||||||
ikev2=insist
|
ikev2=insist
|
||||||
rekey=no
|
rekey=no
|
||||||
pfs=no
|
pfs=no
|
||||||
|
|
|
||||||
|
|
@ -4,7 +4,6 @@ config setup
|
||||||
|
|
||||||
conn ikev2-vpn
|
conn ikev2-vpn
|
||||||
auto=add
|
auto=add
|
||||||
compress=no
|
|
||||||
type=tunnel
|
type=tunnel
|
||||||
keyexchange=ikev2
|
keyexchange=ikev2
|
||||||
fragmentation=yes
|
fragmentation=yes
|
||||||
|
|
@ -12,19 +11,17 @@ conn ikev2-vpn
|
||||||
dpdaction=clear
|
dpdaction=clear
|
||||||
dpddelay=300s
|
dpddelay=300s
|
||||||
rekey=no
|
rekey=no
|
||||||
left=%any
|
|
||||||
leftid=$CLIENT_NAME
|
leftid=$CLIENT_NAME
|
||||||
leftcert=$CLIENT_NAME.crt
|
leftcert=$CLIENT_NAME.crt
|
||||||
|
leftdns=$PRIMARY_DNS,$SECONDARY_DNS
|
||||||
leftsendcert=always
|
leftsendcert=always
|
||||||
leftsubnet=0.0.0.0/0
|
leftsourceip=%config
|
||||||
right=%any
|
right=$SERVER_IP_ADDRESS
|
||||||
rightid=%any
|
rightsubnet=0.0.0.0/0
|
||||||
rightauth=rsa
|
rightsendcert=never
|
||||||
rightsourceip=$IPSEC_VPN_L2TP_NET
|
eap_identity=%identity
|
||||||
rightdns=$PRIMARY_DNS,$SECONDARY_DNS
|
encapsulation=yes
|
||||||
rightsendcert=never
|
ike=aes256-sha256-modp2048,aes256-sha1-modp1024,3des-sha1-modp1024
|
||||||
eap_identity=%identity
|
esp=aes256-sha256,aes256-sha1,3des-sha1
|
||||||
ike=aes256-sha1-modp1024,aes128-sha1-modp1024
|
|
||||||
esp=aes256-sha1,aes256-sha2_512
|
|
||||||
|
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue