Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # /etc/ipsec.conf
- config setup
- charondebug="ike 1, knl 1, cfg 0"
- uniqueids=no
- conn ikev2-vpn
- auto=add
- compress=no
- type=tunnel
- keyexchange=ikev2
- fragmentation=yes
- forceencaps=yes
- dpdaction=clear
- dpddelay=300s
- dpdtimeout=1800s
- ike=aes256-aes192-aes128-sha384-sha256-sha1-modp3072-modp2048-modp1536-modp1024!
- rekey=no
- left=%any
- leftid=my.domain.com
- leftauth=pubkey
- leftcert=fullchain.cer
- leftsendcert=always
- leftsubnet=0.0.0.0/0
- right=%any
- rightid=%any
- rightauth=eap-mschapv2
- rightsourceip=10.10.10.0/24
- rightdns=8.8.8.8,8.8.4.4
- rightsendcert=never
- eap_identity=%identity
- conn static_ip___staticuser200
- also=ikev2-vpn
- rightid=staticuser200
- rightsourceip=10.10.10.200/32
- conn static_ip___staticuser201
- also=ikev2-vpn
- rightid=staticuser201
- rightsourceip=10.10.10.201/32
Add Comment
Please, Sign In to add comment