summaryrefslogtreecommitdiffstats
path: root/extras/strongswan/configs/responder/ipsec.conf
diff options
context:
space:
mode:
authorFilip Tehlar <ftehlar@cisco.com>2021-02-20 02:26:17 +0000
committerBeno�t Ganne <bganne@cisco.com>2021-03-04 14:57:54 +0000
commitd5a3380c65a8ab9e317b8b51a92d50b70e2a9481 (patch)
treeb300ea5fddc7aa59af5d97d50bdd9d6f65a925da /extras/strongswan/configs/responder/ipsec.conf
parent619fc7e3e82b62acf28078853860c9f9803a9dc4 (diff)
misc: add ikev2 tests usecases
Type: test Ticket: VPP-1893 Change-Id: Ib6ffd00e73f7110bf9e702f4a0fd5c68395d6786 Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
Diffstat (limited to 'extras/strongswan/configs/responder/ipsec.conf')
-rw-r--r--extras/strongswan/configs/responder/ipsec.conf23
1 files changed, 23 insertions, 0 deletions
diff --git a/extras/strongswan/configs/responder/ipsec.conf b/extras/strongswan/configs/responder/ipsec.conf
new file mode 100644
index 00000000000..7ca0d413495
--- /dev/null
+++ b/extras/strongswan/configs/responder/ipsec.conf
@@ -0,0 +1,23 @@
+config setup
+ strictcrlpolicy=no
+
+conn initiator
+ mobike=no
+ auto=add
+ type=tunnel
+ keyexchange=ikev2
+ ike=aes256gcm16-prfsha256-modp2048!
+ esp=aes256gcm16-esn!
+ lifetime=1h
+
+# local:
+ leftauth=psk
+ leftid=@roadwarrior.vpn.example.com
+ leftsubnet=192.168.5.0/24
+
+# remote: (gateway)
+ rightid=@vpp.home
+ right=192.168.10.2
+ rightauth=psk
+ rightsubnet=192.168.3.0/24
+