testing: Update public keys and certificates in DNS zone
[strongswan.git] / testing / hosts / sun / etc / ipsec.conf
1 # /etc/ipsec.conf - strongSwan IPsec configuration file
2
3 config setup
4
5 conn %default
6         ikelifetime=60m
7         keylife=20m
8         rekeymargin=3m
9         keyingtries=1
10         left=192.168.0.2
11         leftcert=sunCert.pem
12         leftid=@sun.strongswan.org
13         leftfirewall=yes
14
15 conn net-net
16         leftsubnet=10.2.0.0/16
17         right=192.168.0.1
18         rightsubnet=10.1.0.0/16
19         rightid=@moon.strongswan.org
20         auto=add
21
22 conn host-host
23         right=192.168.0.1
24         rightid=@moon.strongswan.org
25         auto=add
26
27 conn nat-t
28         leftsubnet=10.2.0.0/16
29         right=%any
30         rightsubnet=10.1.0.0/16
31         auto=add