Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- root@foo:~# cat /etc/ipsec.conf
- config setup
- charondebug="ike 3, knl 3, cfg 3"
- uniqueids=no
- conn ikev2-psk
- auto=add
- compress=no
- type=tunnel
- keyexchange=ikev2
- fragmentation=yes
- forceencaps=yes
- ike=aes256-sha512-modp2048s256!
- esp=aes256gcm16!
- dpdaction=clear
- dpddelay=300s
- rekey=no
- left=%any
- leftcert=/etc/letsencrypt/live/server.domain.my/fullchain.pem
- leftsendcert=always
- leftsubnet=0.0.0.0/0
- right=%any
- rightid=%any
- rightauth=secret
- rightsourceip=172.18.72.0/24
- rightdns=1.0.0.1,1.1.1.1
- rightsendcert=never
- type=tunnel
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
