- import of strongswan-2.7.0
[strongswan.git] / testing / hosts / moon / etc / ipsec.conf
1 # /etc/ipsec.conf - strongSwan IPsec configuration file
2
3 version 2.0     # conforms to second version of ipsec.conf specification
4
5 config setup
6         plutodebug=control
7         crlcheckinterval=180
8         strictcrlpolicy=no
9
10 conn %default
11         ikelifetime=60m
12         keylife=20m
13         rekeymargin=3m
14         keyingtries=1
15         left=192.168.0.1
16         leftnexthop=%direct
17         leftcert=moonCert.pem
18         leftid=@moon.strongswan.org
19         leftfirewall=yes
20
21 conn net-net
22         leftsubnet=10.1.0.0/16
23         right=192.168.0.2
24         rightsubnet=10.2.0.0/16
25         rightid=@sun.strongswan.org
26         auto=add
27         
28 conn host-host
29         right=192.168.0.2
30         rightid=@sun.strongswan.org
31         auto=add
32
33 conn rw
34         leftsubnet=10.1.0.0/16
35         right=%any
36         auto=add