Strongswan-openswan-psk

Aus xinux.net

Zur Navigation springen Zur Suche springen

Strongswan

cat /etc/ipsec.conf

conn o2s
     authby=secret
     keyexchange=ikev1
     left=192.168.252.89
     leftid=@tiazel
     leftsubnet=10.254.32.0/24
     right=192.168.252.200
     rightid=@rome
     rightsubnet=10.254.31.0/24
     ike=aes256gcm128-prfsha256-modp4096!
     esp=aes256gcm128-prfsha256-modp4096!
     auto=start
     closeaction=restart
     dpdaction=restart
     dpddelay=10s

cat /etc/ipsec.secrets

@tiazel @rome  : PSK "suxer"

Openswan

cat /etc/ipsec.conf

version 2.0
config setup
     dumpdir=/var/run/pluto/
     nat_traversal=no
     oe=off
     protostack=netkey
conn o2s
     authby=secret
     left=192.168.252.200
     leftid=@rome
     leftsubnet=10.254.31.0/24
     right=192.168.252.89
     rightid=@tiazel
     rightsubnet=10.254.32.0/24
     ike=aes256gcm128-prfsha256-modp4096
     phase2alg=aes256gcm128-prfsha256-modp4096
     auto=start

cat /etc/ipsec.secrets

@tiazel @rome  : PSK "suxer"

Links

Abgerufen von „https://xinux.net/index.php?title=Strongswan-openswan-psk&oldid=51692“