28 lines
632 B
Text
28 lines
632 B
Text
config setup
|
|
charondebug="ike 1, knl 1, cfg 0"
|
|
uniqueids=no
|
|
|
|
conn ikev2-vpn
|
|
auto=add
|
|
type=tunnel
|
|
keyexchange=ikev2
|
|
fragmentation=yes
|
|
forceencaps=yes
|
|
dpdaction=clear
|
|
dpddelay=300s
|
|
rekey=no
|
|
leftid=$CLIENT_NAME
|
|
leftcert=$CLIENT_NAME.crt
|
|
leftdns=$PRIMARY_DNS,$SECONDARY_DNS
|
|
leftsendcert=always
|
|
leftsourceip=%config
|
|
right=$SERVER_IP_ADDRESS
|
|
rightsubnet=0.0.0.0/0
|
|
rightsendcert=never
|
|
eap_identity=%identity
|
|
encapsulation=yes
|
|
pfs=yes
|
|
ike=aes256-sha256-modp2048,aes256-sha1-modp1024,3des-sha1-modp1024
|
|
esp=aes256-sha256,aes256-sha1,3des-sha1
|
|
|
|
|