From 5691bc4e42473e9ce5a0cb8a160740db5c94f1f0 Mon Sep 17 00:00:00 2001
From: raphanaud
Date: Mon, 11 Oct 2021 11:54:35 +0200
Subject: [PATCH] 40-vlan
---
sio2/sisr/40-vlan/ipsec.conf | 23 +++++++++++++++++++++++
sio2/sisr/40-vlan/ipsec.secrets | 5 +++++
2 files changed, 28 insertions(+)
create mode 100644 sio2/sisr/40-vlan/ipsec.conf
create mode 100644 sio2/sisr/40-vlan/ipsec.secrets
diff --git a/sio2/sisr/40-vlan/ipsec.conf b/sio2/sisr/40-vlan/ipsec.conf
new file mode 100644
index 0000000..1d0db41
--- /dev/null
+++ b/sio2/sisr/40-vlan/ipsec.conf
@@ -0,0 +1,23 @@
+config setup
+ charondebug="all"
+ uniqueids=yes
+ strictcrlpolicy=no
+conn %default
+conn tunnel #
+ left=10.0.0.2
+ leftsubnet=192.168.2.0/24
+ right=10.0.0.1
+ rightsubnet=192.168.1.0/24
+ ike=aes256-sha2_256-modp1024!
+ esp=aes256-sha2_256!
+ keyingtries=0
+ ikelifetime=1h
+ lifetime=8h
+ dpddelay=30
+ dpdtimeout=120
+ dpdaction=restart
+ authby=secret
+ auto=start
+ keyexchange=ikev2
+ type=tunnel
+
diff --git a/sio2/sisr/40-vlan/ipsec.secrets b/sio2/sisr/40-vlan/ipsec.secrets
new file mode 100644
index 0000000..d4a45b2
--- /dev/null
+++ b/sio2/sisr/40-vlan/ipsec.secrets
@@ -0,0 +1,5 @@
+# This file holds shared secrets or RSA private keys for authentication.
+
+# RSA private key for this host, authenticating it to any other host
+# which knows the public part.
+10.0.0.2 10.0.0.1 : PSK 'root'
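Review bot: The IKE proposal `ike=aes256-sha2_256-modp1024!` in `conn tunnel` pins the key exchange to the 1024-bit MODP group, which is below current guidance for Diffie-Hellman strength and becomes the weakest part of an otherwise AES-256/SHA-256 tunnel. Because the trailing `!` forbids any other proposal, I would change it to `ike=aes256-sha2_256-modp2048!` (or a larger or elliptic-curve group) on both peers. `esp=aes256-sha2_256!` names no DH group, so CHILD_SA rekeying appears to run without a fresh key exchange; `esp=aes256-sha2_256-modp2048!` would add forward secrecy there. `charondebug="all"` looks like a lab setting and deserves a comment or removal before this file is reused, since verbose charon logging can put sensitive negotiation detail into the logs.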
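Review bot: The last line of ipsec.secrets commits the tunnel's pre-shared key in clear text, and the value `'root'` is a four-character dictionary word, so with `authby=secret` in ipsec.conf the mutual authentication of both gateways rests on a guessable secret that now lives in repository history. Replace it with a long random value generated per tunnel and kept out of version control, e.g. `10.0.0.2 10.0.0.1 : PSK "<RANDOM_PSK_PLACEHOLDER>"`, and treat the committed key as compromised. The file is added with mode 100644; on the gateway it should be readable by root only. The header comment describes an RSA private key although the entry is a PSK; `# Pre-shared key for the 10.0.0.2 <-> 10.0.0.1 tunnel` would match the content.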