2018-07-27 15:34:21 -05:00
|
|
|
config setup
|
|
|
|
|
#charondebug="all"
|
|
|
|
|
#uniqueids=yes
|
|
|
|
|
#strictcrlpolicy=yes
|
|
|
|
|
cachecrls=yes
|
|
|
|
|
|
|
|
|
|
#ca ca-wit #define alternative CRL distribution point
|
|
|
|
|
# cacert=ca-wit.crt
|
|
|
|
|
# crluri=ca-wit.crl
|
|
|
|
|
# auto=add
|
|
|
|
|
|
|
|
|
|
conn %default
|
|
|
|
|
mobike=no
|
|
|
|
|
keyingtries=%forever
|
|
|
|
|
dpdtimeout=10
|
|
|
|
|
dpddelay=3
|
|
|
|
|
dpdaction=restart
|
|
|
|
|
type=transport
|
|
|
|
|
keyexchange=ikev1
|
|
|
|
|
ike=aes128-sha1-modp2048!
|
|
|
|
|
esp=aes128-sha1-modp2048!
|
2018-09-17 14:28:02 -05:00
|
|
|
leftcert=FQHOSTNAME.crt
|
|
|
|
|
leftid="C=US, O=Wit, CN=FQHOSTNAME"
|
|
|
|
|
rightid="C=US, O=Wit, CN=*"
|
|
|
|
|
auto=route
|
2018-07-27 15:34:21 -05:00
|
|
|
|
|
|
|
|
|
2018-09-17 14:28:02 -05:00
|
|
|
conn loopback4
|
|
|
|
|
leftsourceip=%config4
|
2018-09-12 13:01:52 -05:00
|
|
|
leftsubnet=10.1.0.0/16
|
|
|
|
|
rightsubnet=10.1.0.0/16
|
2018-09-17 14:28:02 -05:00
|
|
|
right=%any4
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
conn loopback6
|
|
|
|
|
leftsourceip=%config6
|
|
|
|
|
leftsubnet=2604:bbc0:0:100::/56
|
|
|
|
|
rightsubnet=2604:bbc0:0:100::/56
|
|
|
|
|
right=%any6
|
2018-07-27 15:34:21 -05:00
|
|
|
|
