Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- libtls {
- suites = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
- }
- charon {
- plugins {
- dhcp {
- # Always use the configured server address.
- force_server_address = yes
- # Derive user-defined MAC address from hash of IKE identity.
- identity_lease = yes
- # Interface name the plugin uses for address allocation.
- interface = eth0
- # Whether to load the plugin. Can also be an integer to increase the
- # priority of this plugin.
- load = yes
- # DHCP server unicast or broadcast IP address.
- server = 10.0.2.255
- }
- }
- }
- conn %default
- ike=aes256gcm16-sha384-modp3072!
- esp=aes256gcm16-sha384-modp3072!
- conn ikev2
- auto=start
- leftid=client@my-vpn.com
- leftsourceip=%config
- leftauth=eap-tls
- leftcert=vpn-client.crt
- right=my-vpn.com
- rightid=my-vpn.com
- rightsubnet=0.0.0.0/0
- rightauth=pubkey
- host client {
- hardware ethernet a1-b2-c3-d4-e5-f6;
- fixed-address 10.0.2.2;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement