summaryrefslogtreecommitdiffstats
path: root/extras/strongswan/vpp_sswan/swanctl.conf
diff options
context:
space:
mode:
Diffstat (limited to 'extras/strongswan/vpp_sswan/swanctl.conf')
-rw-r--r--extras/strongswan/vpp_sswan/swanctl.conf35
1 files changed, 35 insertions, 0 deletions
diff --git a/extras/strongswan/vpp_sswan/swanctl.conf b/extras/strongswan/vpp_sswan/swanctl.conf
new file mode 100644
index 00000000000..f3e7a78101f
--- /dev/null
+++ b/extras/strongswan/vpp_sswan/swanctl.conf
@@ -0,0 +1,35 @@
+connections {
+ net-net {
+ local_addrs = 192.168.0.2
+ remote_addrs = 192.168.0.1
+ local {
+ auth = psk
+ id = sun.strongswan.org
+ }
+ remote {
+ auth = psk
+ id = moon.strongswan.org
+ }
+ children {
+ net-net {
+ local_ts = 192.168.200.0/24
+ remote_ts = 192.168.100.0/24
+ esp_proposals = aes128-sha1-modp2048
+ rekey_time = 240m
+ }
+ }
+ version = 2
+ mobike = yes
+ encap = no # NAT-T if needed
+ proposals = aes128-sha256-x25519
+ }
+}
+secrets {
+ ike-net-net {
+ id = moon.strongswan.org
+ secret = simplepsk
+ }
+}
+
+# Include config snippets
+include conf.d/*.conf