c5a2a7150c88c8d3f65759e8d354f275d61b21ab
[strongswan.git] / testing / tests / swanctl / protoport-range / hosts / moon / etc / swanctl / swanctl.conf
1 connections {
2
3    rw {
4       local_addrs  = 192.168.0.1
5
6       local {
7          auth = pubkey
8          certs = moonCert.pem
9          id = moon.strongswan.org
10       }
11       remote {
12          auth = pubkey
13       }
14       children {
15          icmp-req {
16             local_ts  = 10.1.0.0/16[icmp/2048]
17             remote_ts = dynamic[icmp/2048]
18
19             hostaccess = yes
20             updown = /usr/local/libexec/ipsec/_updown iptables
21             esp_proposals = aes128gcm128-modp3072
22          }
23          icmp-rep {
24             local_ts  = 10.1.0.0/16[icmp/0]
25             remote_ts = dynamic[icmp/0]
26
27             hostaccess = yes
28             updown = /usr/local/libexec/ipsec/_updown iptables
29             esp_proposals = aes128gcm128-modp3072
30          }
31          ftp-ssh {
32             local_ts  = 10.1.0.0/16[tcp/21-22]
33             remote_ts = dynamic[tcp/32768-65535]
34
35             hostaccess = yes
36             updown = /usr/local/libexec/ipsec/_updown iptables
37             esp_proposals = aes128gcm128-modp3072
38          }
39       }
40       version = 2
41       proposals = aes128-sha256-modp3072
42    }
43 }