Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@DARKSTARVPN:/etc# cat ./ipsec.conf
- # /etc/ipsec.conf - Openswan IPsec configuration file
- # This file: /usr/share/doc/openswan/ipsec.conf-sample
- #
- # Manual: ipsec.conf.5
- version 2.0 # conforms to second version of ipsec.conf specification
- # basic configuration
- config setup
- interfaces=%defaultroute
- klipsdebug=none
- nat_traversal=yes
- nhelpers=0
- oe=off
- plutodebug=none
- plutostderrlog=/var/log/pluto.log
- protostack=netkey
- virtual_private=%v4:10.13.8.5/14
- conn L2TP-PSK
- authby=secret
- pfs=no
- auto=add
- keyingtries=3
- rekey=no
- type=transport
- forceencaps=yes
- right=%any
- rightsubnet=vhost:%no
- rightprotoport=17/0
- # Using the magic port of "0" means "any one single port". This is
- # a work around required for Apple OSX clients that use a randomly
- # high port, but propose "0" instead of their port.
- left=%defaultroute
- leftprotoport=17/1701
- # Apple iOS doesn't send delete notify so we need dead peer detection
- # to detect vanishing clients
- dpddelay=10
- dpdtimeout=90
- dpdaction=clear
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement