Strongswan-strongswan-dynamische-ip-cert: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
Thomas (Diskussion | Beiträge) |
Thomas (Diskussion | Beiträge) |
||
| Zeile 22: | Zeile 22: | ||
=tiazel.vpn.int= | =tiazel.vpn.int= | ||
| + | */etc/ipsec.d/certs/tiazel.vpn.int.crt | ||
| + | */etc/ipsec.d/private/tiazel.vpn.int.key | ||
| + | */etc/ipsec.d/cacerts/ca.crt | ||
| + | |||
*/etc/ipsec.conf | */etc/ipsec.conf | ||
<pre> | <pre> | ||
Version vom 7. Dezember 2017, 18:50 Uhr
gustavo.vpn
- /etc/ipsec.conf
conn tiazel-gustavo
authby=rsasig
keyexchange=ikev1
left=%any
leftid="C=de, ST=rp, L=zw, O=vogel-it, OU=it, CN=tiazel.vpn.int"
leftsubnet="10.83.32.0/24"
right=10.84.252.33
rightcert=gustavo.vpn.int.crt
rightid="C=de, ST=rp, L=zw, O=vogel-it, OU=it, CN=gustavo.vpn.int"
rightsubnet=10.83.33.0/24
auto=add
- /etc/ipsec.secret
: RSA gustavo.vpn.int.key ""
- /etc/ipsec.d/certs/gustavo.vpn.int.crt
- /etc/ipsec.d/private/gustavo.vpn.int.key
- /etc/ipsec.d/cacerts/ca.crt
tiazel.vpn.int
- /etc/ipsec.d/certs/tiazel.vpn.int.crt
- /etc/ipsec.d/private/tiazel.vpn.int.key
- /etc/ipsec.d/cacerts/ca.crt
- /etc/ipsec.conf
conn tiazel-gustavo
authby=rsasig
keyexchange=ikev1
leftcert=tiazel.vpn.int.crt
leftid="C=de, ST=rp, L=zw, O=vogel-it, OU=it, CN=tiazel.vpn.int"
leftsubnet="10.83.32.0/24"
right="10.84.252.33"
rightid="C=de, ST=rp, L=zw, O=vogel-it, OU=it, CN=gustavo.vpn.int"
rightsubnet=10.83.33.0/24
auto=add
- /etc/ipsec.secret
: RSA tiazel.vpn.int.key ""