diff options
Diffstat (limited to 'ipsec.conf')
-rw-r--r-- | ipsec.conf | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/ipsec.conf b/ipsec.conf new file mode 100644 index 0000000..82728d3 --- /dev/null +++ b/ipsec.conf | |||
@@ -0,0 +1,41 @@ | |||
1 | |||
2 | # basic configuration | ||
3 | |||
4 | config setup | ||
5 | # strictcrlpolicy=yes | ||
6 | # uniqueids = no | ||
7 | |||
8 | conn andy | ||
9 | type=tunnel | ||
10 | auto=add | ||
11 | left=%any | ||
12 | leftsourceip=%config | ||
13 | leftsigkey="ssh:0sAAAAB3NzaC1yc2EAAAADAQABAAABAQC8b9n1/1p5HposHmP1xbrKCOP+3PSnaycQvIbcB3ugYBFgTfUoVZ0c6pUzpw8uR93iQ/mSyeEvjaUDctBASg67jxyeSU78p9qJ/y/Eg2uBiMNx1fUljVryqXCbQRebjtVWNjIhr99qowzYrV+ztTNpQ2oI/VhQ9C+cbDLKySoR5L8wrkSPqvYH4oZJtyKQmv7lN3/MKFONZlTo1RMw2+4214uaQJF1dcwW3erHh15SpqoQ7LidqNH2Q6SInzVdJbZtQSWjFM29m4nQMv55g6VlUK8NfcGJuIKghO0urZvYQpdeBe05Lr/y/n3wqJb97Eh5hzQc9Jx5kKQZeueHWEkz" | ||
14 | leftid=dd6c:fbfd:eeb8:4709 | ||
15 | right=%any | ||
16 | right=68.48.18.140 | ||
17 | #rightsubnet=2601:401:8200:2d4c::1/64 | ||
18 | rightsubnet=0::0/0 | ||
19 | rightsigkey="ssh:0sAAAAB3NzaC1yc2EAAAADAQABAAABAQD0v/20UNR7vpib9amq1xMrJSiyIWXjpiHq1O2BIrzZ2nuilSxn1dYVhelUTR2siDKAxoo3sX0GDWayMekHtzPr1DBXQ/eu9PNhp9Q0QvkgRSay9HggelpGukxP8N72kbthggmCkWufaM/OoDOVHBYngJFbrwOwhDKJyL+q8f3u1LFOErRxVJ7f7/C1o+NLkWXayfwOK8kk4Hc9tcy1MXk5jLx927evsyOYXV2Lbzf9qwXSV6MjUlFDhqhW/v2IOBCxXG7GhpoHTmpdtv0JxDLnc5zYBxgleiS74DmC5GKU5EgU63e7FNnPSvVnYO+S3mO+Y4PwNv4BYnKSpSGe/0tt" | ||
20 | |||
21 | # Add connections here. | ||
22 | |||
23 | # Sample VPN connections | ||
24 | |||
25 | #conn sample-self-signed | ||
26 | # leftsubnet=10.1.0.0/16 | ||
27 | # leftcert=selfCert.der | ||
28 | # leftsendcert=never | ||
29 | # right=192.168.0.2 | ||
30 | # rightsubnet=10.2.0.0/16 | ||
31 | # rightcert=peerCert.der | ||
32 | # auto=start | ||
33 | |||
34 | #conn sample-with-ca-cert | ||
35 | # leftsubnet=10.1.0.0/16 | ||
36 | # leftcert=myCert.pem | ||
37 | # right=192.168.0.2 | ||
38 | # rightsubnet=10.2.0.0/16 | ||
39 | # rightid="C=CH, O=Linux strongSwan CN=peer name" | ||
40 | # auto=start | ||
41 | #include /var/cache/kiki/config/ipsec.conf | ||