From d5a3380c65a8ab9e317b8b51a92d50b70e2a9481 Mon Sep 17 00:00:00 2001
From: Filip Tehlar <ftehlar@cisco.com>
Date: Sat, 20 Feb 2021 02:26:17 +0000
Subject: misc: add ikev2 tests usecases

Type: test
Ticket: VPP-1893

Change-Id: Ib6ffd00e73f7110bf9e702f4a0fd5c68395d6786
Signed-off-by: Filip Tehlar <ftehlar@cisco.com>
---
 extras/strongswan/configs/initiator/ipsec.conf | 22 ++++++++++++++++++++++
 1 file changed, 22 insertions(+)
 create mode 100644 extras/strongswan/configs/initiator/ipsec.conf

(limited to 'extras/strongswan/configs/initiator/ipsec.conf')

diff --git a/extras/strongswan/configs/initiator/ipsec.conf b/extras/strongswan/configs/initiator/ipsec.conf
new file mode 100644
index 00000000000..6a7c0f6bbea
--- /dev/null
+++ b/extras/strongswan/configs/initiator/ipsec.conf
@@ -0,0 +1,22 @@
+config setup
+  strictcrlpolicy=no
+
+conn initiator
+  mobike=no
+  auto=add
+  type=tunnel
+  keyexchange=ikev2
+  ike=aes256gcm16-prfsha256-modp2048!
+  esp=aes256gcm16-esn!
+
+# local:
+  leftauth=psk
+  leftid=@sswan.vpn.example.com
+  leftsubnet=192.168.5.0/24
+
+# remote: (gateway)
+  rightid=@roadwarrior.vpp
+  right=192.168.10.2
+  rightauth=psk
+  rightsubnet=192.168.3.0/24
+
-- 
cgit 1.2.3-korg