1
0
mirror of git://projects.qi-hardware.com/openwrt-xburst.git synced 2024-11-05 17:38:27 +02:00
openwrt-xburst/package/strongswan/files/ipsec.conf
florian dceafb31b9 Add strongswan (#1330)
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@6429 3c298f89-4303-0410-b956-a3cf2f4a3e73
2007-02-28 13:30:51 +00:00

35 lines
946 B
Plaintext

version 2.0
config setup
interfaces=%defaultroute
nat_traversal=yes # required on both ends
uniqueids=yes # makes sense on client, not server
hidetos=no
conn %default
authby=rsasig
keyingtries=3
keyexchange=ike
left=%defaultroute
leftrsasigkey=%cert
rightrsasigkey=%cert
dpdtimeout=30 # keepalive must arrive within
dpddelay=5 # secs before keepalives start
compress=no # breaks double nat installations
pfs=yes
conn sample
leftca=%same
leftcert=my.certificate.crt
leftsourceip=192.168.10.1
leftsubnet=192.168.10.0/24
right=my.vpn.concentrator.net.
rightca=%same
rightid="C=??, ST=??, O=??, OU=??, CN=my.vpn.concentrator.net, E=root@concentrator.net"
rightsourceip=192.168.11.1
rightsubnet=192.168.11.0/24
dpdaction=hold
auto=start