summaryrefslogtreecommitdiffstats
path: root/extras/strongswan/vpp_sswan/swanctl.conf
blob: f3e7a78101ff26047744b041f564b4200cd661ed (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
connections {
  net-net {
    local_addrs = 192.168.0.2
    remote_addrs = 192.168.0.1
    local {
      auth = psk
      id = sun.strongswan.org
    }
    remote {
      auth = psk
      id = moon.strongswan.org
    }
    children {
      net-net {
        local_ts = 192.168.200.0/24
        remote_ts = 192.168.100.0/24
        esp_proposals = aes128-sha1-modp2048
        rekey_time = 240m
      }
    }
    version = 2
    mobike = yes
    encap = no # NAT-T if needed
    proposals = aes128-sha256-x25519
    }
}
secrets {
  ike-net-net {
    id = moon.strongswan.org
    secret = simplepsk
  }
}

# Include config snippets
include conf.d/*.conf