testing: Fix IKE proposal in swanctl/net2net-gw scenario
authorTobias Brunner <tobias@strongswan.org>
Thu, 28 Jun 2018 16:03:57 +0000 (18:03 +0200)
committerTobias Brunner <tobias@strongswan.org>
Thu, 28 Jun 2018 16:46:42 +0000 (18:46 +0200)
Also simplify config by using references.

testing/tests/swanctl/net2net-gw/hosts/carol/etc/swanctl/swanctl.conf

index cdf6bca..aeea94e 100755 (executable)
@@ -11,7 +11,7 @@ connections {
          id = moon.strongswan.org
       }
       children {
-         net-moon {
+         net {
             local_ts  = 10.2.0.0/16
             remote_ts = 10.1.0.0/16
 
@@ -23,27 +23,16 @@ connections {
       mobike = no
       proposals = aes128-sha256-x25519
    }
-   gw-sun {
-      local {
-         auth = pubkey
-         certs = carolCert.pem
-         id = carol@strongswan.org
-      }
+
+   gw-sun : connections.gw-moon {
       remote {
-         auth = pubkey
          id = sun.strongswan.org
       }
       children {
-         net-sun {
+         net {
             local_ts  = 10.1.0.0/16
             remote_ts = 10.2.0.0/16
-
-            updown = /usr/local/libexec/ipsec/_updown iptables
-            esp_proposals = aes128gcm128-modp3072
          }
       }
-      version = 2
-      mobike = no
-      proposals = aes128-sha256-modp3072
    }
 }