Strongswan-swanctl
Zur Navigation springen
Zur Suche springen
strongswan
tiazel.vpn.int
- /etc/ipsec.conf
conn franklin-tiazel authby=secret keyexchange=ikev1 left=10.84.252.32 leftsubnet=10.83.32.0/24 right=10.84.252.40 rightsubnet=10.83.40.0/24 ike=aes256-sha256-modp2048 esp=aes256-sha256-modp2048 ikelifetime=3h keylife=1h auto=add
- /etc/ipsec.secret
10.84.252.32 10.84.252.40 : PSK "suxer"
swanctl
franklin.vpn.int
- /etc/strongswan/swanctl/swanctl.conf
connections { net { local_addrs = 10.84.252.40 remote_addrs = 10.84.252.32 local { auth = psk id = 10.84.252.40 } remote { auth = psk id = 10.84.252.32 } children { net-1 { local_ts = 10.83.40.0/24 remote_ts = 10.83.32.0/24 start_action = start esp_proposals = aes256-sha256-modp2048 } } version = 1 proposals = aes256-sha256-modp2048 } } secrets { ike-net { id = 10.84.252.32 secret = suxer } }