firewall-enabled ipv6/net2net-ip6-in-ip4-ikev2 scenario
[strongswan.git] / testing / tests / ipv6 / net2net-ip6-in-ip4-ikev2 / hosts / moon / etc / ipsec.conf
1 # /etc/ipsec.conf - strongSwan IPsec configuration file
2
3 config setup
4         strictcrlpolicy=no
5         crlcheckinterval=180
6         plutostart=no
7
8 conn %default
9         ikelifetime=60m
10         keylife=20m
11         rekeymargin=3m
12         keyingtries=1
13         keyexchange=ikev2
14         mobike=no
15
16 conn net-net 
17         left=PH_IP_MOON
18         leftsubnet=fec1::0/16
19         leftcert=moonCert.pem
20         leftid=@moon.strongswan.org
21         leftfirewall=yes
22         right=PH_IP_SUN
23         rightsubnet=fec2::0/16
24         rightid=@sun.strongswan.org
25         auto=add