Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- version 2.0 # conforms to second version of ipsec.conf specification
- # basic configuration
- config setup
- # Debug-logging controls: "none" for (almost) none, "all" for lots.
- # klipsdebug=none
- # plutodebug="control parsing"
- # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
- protostack=netkey
- nat_traversal=yes
- virtual_private=%v4:192.168.1.0/24
- oe=off
- plutodebug=none
- plutostderrlog=/var/log/pluto.log
- interfaces=%defaultroute
- klipsdebug=none
- # Enable this if you see "failed to find any available worker"
- # nhelpers=0
- conn L2TP-PSK
- authby=secret
- pfs=no
- auto=add
- keyingtries=3
- rekey=no
- type=transport
- forceencaps=yes
- right=%any
- rightprotoport=17/0
- # Using the magic port of "0" means "any one single port". This is
- # a work around required for Apple OSX clients that use a randomly
- # high port, but propose "0" instead of their port.
- left=217.12.206.156
- leftprotoport=17/1701
- # Apple iOS doesn't send delete notify so we need dead peer detection
- # to detect vanishing clients
- dpddelay=10
- dpdtimeout=90
- dpdaction=clear
- #You may put your configuration (.conf) file in the "/etc/ipsec.d/" and uncomment this.
- include /etc/ipsec.d/*.conf
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement