Ipsec

From 탱이의 잡동사니
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Overview

ipsec 유틸리티 내용 정리

Configuration

# ipsec.conf - strongSwan IPsec configuration file

# basic configuration

config setup
	# strictcrlpolicy=yes
	# uniqueids = no

# Add connections here.

# Sample VPN connections

#conn sample-self-signed
#      leftsubnet=10.1.0.0/16
#      leftcert=selfCert.der
#      leftsendcert=never
#      right=192.168.0.2
#      rightsubnet=10.2.0.0/16
#      rightcert=peerCert.der
#      auto=start

#conn sample-with-ca-cert
#      leftsubnet=10.1.0.0/16
#      leftcert=myCert.pem
#      right=192.168.0.2
#      rightsubnet=10.2.0.0/16
#      rightid="C=CH, O=Linux strongSwan CN=peer name"
#      auto=start

conn example
        keyexchange=ikev1
        auto=add
        aggressive=yes
        leftsourceip=%config
        leftauth=psk
        leftauth2=xauth
        rightauth=psk
        right=192.168.100.20
        rightsubnet=0.0.0.0/0
        forceencaps=yes
        xauth_identity=pchero@example.com
        ike=aes128-sha1-modp1536
        esp=aes128-sha1-modp1536

See also

Retrieved from "http://wiki.pchero21.com/index.php?title=Ipsec&oldid=2159"