Linux IPSec initial
This commit is contained in:
Mykola Baibuz
parent
90912f9231
commit
b0b185027e
15 changed files with 313 additions and 10 deletions
30
client/server_scripts/ipsec/template.conf
Normal file
30
client/server_scripts/ipsec/template.conf
Normal file
|
|
@ -0,0 +1,30 @@
|
|||
config setup
|
||||
charondebug="ike 1, knl 1, cfg 0"
|
||||
uniqueids=no
|
||||
|
||||
conn ikev2-vpn
|
||||
auto=add
|
||||
compress=no
|
||||
type=tunnel
|
||||
keyexchange=ikev2
|
||||
fragmentation=yes
|
||||
forceencaps=yes
|
||||
dpdaction=clear
|
||||
dpddelay=300s
|
||||
rekey=no
|
||||
left=%any
|
||||
leftid=$CLIENT_NAME
|
||||
leftcert=$CLIENT_NAME.crt
|
||||
leftsendcert=always
|
||||
leftsubnet=0.0.0.0/0
|
||||
right=%any
|
||||
rightid=%any
|
||||
rightauth=rsa
|
||||
rightsourceip=$IPSEC_VPN_L2TP_NET
|
||||
rightdns=$PRIMARY_DNS,$SECONDARY_DNS
|
||||
rightsendcert=never
|
||||
eap_identity=%identity
|
||||
ike=aes256-sha1-modp1024,aes128-sha1-modp1024
|
||||
esp=aes256-sha1,aes256-sha2_512
|
||||
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue