40-vlan

2021-10-11 11:54:35 +02:00 · 2021-10-11 11:54:35 +02:00 · 5691bc4e42
commit 5691bc4e42
parent cdf2c8db14
2 changed files with 28 additions and 0 deletions
--- a/sio2/sisr/40-vlan/ipsec.conf
+++ b/sio2/sisr/40-vlan/ipsec.conf
@ -0,0 +1,23 @@
+config setup
+        charondebug="all"
+        uniqueids=yes
+        strictcrlpolicy=no
+conn %default
+conn tunnel #
+        left=10.0.0.2
+        leftsubnet=192.168.2.0/24
+        right=10.0.0.1
+        rightsubnet=192.168.1.0/24
+        ike=aes256-sha2_256-modp1024!
+        esp=aes256-sha2_256!
+        keyingtries=0
+        ikelifetime=1h
+        lifetime=8h
+        dpddelay=30
+        dpdtimeout=120
+        dpdaction=restart
+        authby=secret
+        auto=start
+        keyexchange=ikev2
+        type=tunnel
+
--- a/sio2/sisr/40-vlan/ipsec.secrets
+++ b/sio2/sisr/40-vlan/ipsec.secrets
@ -0,0 +1,5 @@
+# This file holds shared secrets or RSA private keys for authentication.
+
+# RSA private key for this host, authenticating it to any other host
+# which knows the public part.
+10.0.0.2 10.0.0.1 : PSK 'root'