API tools faq
paste
Guest User

Untitled

a guest
Jul 14th, 2020
5
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 3.15 KB | None | 0 0
raw download clone embed print report
  1. # ipsec.conf - strongSwan IPsec configuration file
  2.  
  3. config setup
  4. charondebug="ike 2, knl 2, cfg 2, net 2, esp 2, dmn 2, mgr 2"
  5.  
  6. conn %default
  7. ikelifetime=24h
  8. keylife=24h
  9. keyexchange=ikev2
  10. dpdaction=clear
  11. dpdtimeout=3600s
  12. dpddelay=3600s
  13. compress=yes
  14.  
  15. conn test
  16. keyexchange=ikev2
  17. ike=aes128-sha256-ecp256,aes256-sha384-ecp384,aes128-sha256-modp2048,aes128-sha1-modp2048,aes256-sha384-modp4096,aes256-sha256-modp4096,aes256-sha1-modp4096,aes128-sha256-modp1536,aes128-sha1-modp1536,aes256-sha384-modp2048,aes256-sha256-modp2048,aes256-sha1-modp2048,aes128-sha256-modp1024,aes128-sha1-modp1024,aes256-sha384-modp1536,aes256-sha256-modp1536,aes256-sha1-modp1536,aes256-sha384-modp1024,aes256-sha256-modp1024,aes256-sha1-modp1024!
  18. esp=aes128gcm16-ecp256,aes256gcm16-ecp384,aes128-sha256-ecp256,aes256-sha384-ecp384,aes128-sha256-modp2048,aes128-sha1-modp2048,aes256-sha384-modp4096,aes256-sha256-modp4096,aes256-sha1-modp4096,aes128-sha256-modp1536,aes128-sha1-modp1536,aes256-sha384-modp2048,aes256-sha256-modp2048,aes256-sha1-modp2048,aes128-sha256-modp1024,aes128-sha1-modp1024,aes256-sha384-modp1536,aes256-sha256-modp1536,aes256-sha1-modp1536,aes256-sha384-modp1024,aes256-sha256-modp1024,aes256-sha1-modp1024,aes128gcm16,aes256gcm16,aes128-sha256,aes128-sha1,aes256-sha384,aes256-sha256,aes256-sha1!
  19. dpdaction=clear
  20. dpddelay=300s
  21. rekey=no
  22. left=%any
  23. leftsubnet=192.168.99.1/24
  24. leftcert=vpnHostCert.der
  25. right=%any
  26. rightdns=8.8.8.8,8.8.4.4
  27. rightsourceip=192.168.10.100/16
  28.  
  29. conn test2
  30. keyexchange=ikev2
  31. ike=aes128-sha256-ecp256,aes256-sha384-ecp384,aes128-sha256-modp2048,aes128-sha1-modp2048,aes256-sha384-modp4096,aes256-sha256-modp4096,aes256-sha1-modp4096,aes128-sha256-modp1536,aes128-sha1-modp1536,aes256-sha384-modp2048,aes256-sha256-modp2048,aes256-sha1-modp2048,aes128-sha256-modp1024,aes128-sha1-modp1024,aes256-sha384-modp1536,aes256-sha256-modp1536,aes256-sha1-modp1536,aes256-sha384-modp1024,aes256-sha256-modp1024,aes256-sha1-modp1024!
  32. esp=aes128gcm16-ecp256,aes256gcm16-ecp384,aes128-sha256-ecp256,aes256-sha384-ecp384,aes128-sha256-modp2048,aes128-sha1-modp2048,aes256-sha384-modp4096,aes256-sha256-modp4096,aes256-sha1-modp4096,aes128-sha256-modp1536,aes128-sha1-modp1536,aes256-sha384-modp2048,aes256-sha256-modp2048,aes256-sha1-modp2048,aes128-sha256-modp1024,aes128-sha1-modp1024,aes256-sha384-modp1536,aes256-sha256-modp1536,aes256-sha1-modp1536,aes256-sha384-modp1024,aes256-sha256-modp1024,aes256-sha1-modp1024,aes128gcm16,aes256gcm16,aes128-sha256,aes128-sha1,aes256-sha384,aes256-sha256,aes256-sha1!
  33. dpdaction=clear
  34. dpddelay=300s
  35. rekey=no
  36. left=%any
  37. leftsubnet=192.168.99.1/24
  38. # leftcert=vpnHostCert.der
  39. rightsendcert=never
  40. right=%any
  41. rightdns=8.8.8.8,8.8.4.4
  42. rightsourceip=192.168.20.100/16
  43.  
  44. conn IPSec-IKEv2
  45. keyexchange=ikev2
  46. auto=add
  47.  
  48. conn IPSec-IKEv2-EAP
  49. also="IPSec-IKEv2"
  50. rightauth=eap-mschapv2
  51. rightauthby2=pubkey
  52. rightsendcert=never
  53. eap_identity=%any
  54.  
  55. conn CiscoIPSec
  56. keyexchange=ikev1
  57. forceencaps=yes
  58. authby=xauthrsasig
  59. xauth=server
  60. auto=add
Advertisement
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!