added multi-level-ca-revoked scenario
[strongswan.git] / testing / tests / ikev2 / multi-level-ca-revoked / hosts / carol / etc / ipsec.conf
1 # /etc/ipsec.conf - strongSwan IPsec configuration file
2
3 config setup
4         crlcheckinterval=180
5         strictcrlpolicy=yes
6         plutostart=no
7
8 conn %default
9         ikelifetime=60m
10         keylife=20m
11         rekeymargin=3m
12         keyingtries=1
13         keyexchange=ikev2
14
15 conn home
16         left=PH_IP_CAROL
17         leftnexthop=%direct
18         leftcert=carolCert.pem
19         leftid=carol@strongswan.org
20         right=PH_IP_MOON
21         rightsubnet=10.1.0.0/16
22         rightid=@moon.strongswan.org
23         rightca="C=CH, O=Linux strongSwan, CN=strongSwan Root CA"
24         auto=add