- applied andreas's patch
[strongswan.git] / testing / hosts / moon / etc / ipsec.conf
1 # /etc/ipsec.conf - strongSwan IPsec configuration file
2
3 version 2.0     # conforms to second version of ipsec.conf specification
4
5 config setup
6         plutodebug=control
7         crlcheckinterval=180
8         strictcrlpolicy=no
9         charonstart=no
10
11 conn %default
12         ikelifetime=60m
13         keylife=20m
14         rekeymargin=3m
15         keyingtries=1
16         left=PH_IP_MOON
17         leftnexthop=%direct
18         leftcert=moonCert.pem
19         leftid=@moon.strongswan.org
20         leftfirewall=yes
21
22 conn net-net
23         leftsubnet=10.1.0.0/16
24         right=PH_IP_SUN
25         rightsubnet=10.2.0.0/16
26         rightid=@sun.strongswan.org
27         auto=add
28         
29 conn host-host
30         right=PH_IP_SUN
31         rightid=@sun.strongswan.org
32         auto=add
33
34 conn rw
35         leftsubnet=10.1.0.0/16
36         right=%any
37         auto=add