API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Oct 21st, 2014
290
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.99 KB | None | 0 0
raw download clone embed print report
  1. config setup
  2. # nat_traversal=yes
  3. charonstart=yes
  4. plutostart=no
  5. #charondebug="ike 4, knl 4, cfg 4, mgr 4, chd 4, net 4"
  6.  
  7. # /etc/ipsec.conf - strongSwan IPsec configuration file
  8.  
  9. conn %default
  10. ikelifetime=12h
  11. keylife=24h
  12. rekeymargin=3m
  13. keyingtries=%forever
  14. keyexchange=ikev1
  15. authby=secret
  16.  
  17. conn jdc
  18. #ike=aes128,aes128-sha-modp1536,3des-sha-modp1536
  19. #esp=md5,3des-md5,aes128-sha1,3des-sha1
  20. # The leftid parameter is not a real DNS name
  21. ike=3des-md5-modp1024
  22. esp=aes128-sha1
  23. pfs=no
  24. authby=psk
  25. leftid=X.X.X.X
  26. # The "left" parameter is the gateway's private IP
  27. left=10.10.10.10
  28. leftsubnet=10.100.200.21/32,10.10.0.0/16,10.20.0.0/16,10.30.0.0/16,10.110.0.0/16
  29. leftsourceip=10.100.200.21
  30. # The virtual IP pool is outside the VPC!
  31. #rightsourceip=10.100.255.0/28
  32. right=%any
  33. rightsourceip=10.100.200.22
  34. rightsubnet=10.100.200.22/32,192.100.80.0/22
  35. type=tunnel
  36. auto=route
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!