Ipsec: Difference between revisions
Jump to navigation
Jump to search
(Created page with "== Overview == ipsec 유틸리티 내용 정리 == Configuration == <pre> # ipsec.conf - strongSwan IPsec configuration file # basic configuration config setup # strictcrl...") |
No edit summary |
||
Line 48: | Line 48: | ||
esp=aes128-sha1-modp1536 | esp=aes128-sha1-modp1536 | ||
</pre> | </pre> | ||
== See also == | |||
* https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection - Strong swan configuration manual | |||
[[category:command/utility]] | [[category:command/utility]] |
Latest revision as of 08:32, 12 January 2017
Overview
ipsec 유틸리티 내용 정리
Configuration
# ipsec.conf - strongSwan IPsec configuration file # basic configuration config setup # strictcrlpolicy=yes # uniqueids = no # Add connections here. # Sample VPN connections #conn sample-self-signed # leftsubnet=10.1.0.0/16 # leftcert=selfCert.der # leftsendcert=never # right=192.168.0.2 # rightsubnet=10.2.0.0/16 # rightcert=peerCert.der # auto=start #conn sample-with-ca-cert # leftsubnet=10.1.0.0/16 # leftcert=myCert.pem # right=192.168.0.2 # rightsubnet=10.2.0.0/16 # rightid="C=CH, O=Linux strongSwan CN=peer name" # auto=start conn example keyexchange=ikev1 auto=add aggressive=yes leftsourceip=%config leftauth=psk leftauth2=xauth rightauth=psk right=192.168.100.20 rightsubnet=0.0.0.0/0 forceencaps=yes xauth_identity=pchero@example.com ike=aes128-sha1-modp1536 esp=aes128-sha1-modp1536
See also
- https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection - Strong swan configuration manual