Strongswan-openswan-psk: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
K (→Links) |
|||
| (3 dazwischenliegende Versionen desselben Benutzers werden nicht angezeigt) | |||
| Zeile 14: | Zeile 14: | ||
esp=aes256gcm128-prfsha256-modp4096! | esp=aes256gcm128-prfsha256-modp4096! | ||
auto=start | auto=start | ||
| + | closeaction=restart | ||
| + | dpdaction=restart | ||
| + | dpddelay=10s | ||
</pre> | </pre> | ||
*cat /etc/ipsec.secrets | *cat /etc/ipsec.secrets | ||
@tiazel @rome : PSK "suxer" | @tiazel @rome : PSK "suxer" | ||
| + | |||
=Openswan= | =Openswan= | ||
*cat /etc/ipsec.conf | *cat /etc/ipsec.conf | ||
| Zeile 43: | Zeile 47: | ||
= Links = | = Links = | ||
* [https://docs.strongswan.org/docs/5.9/config/IKEv2CipherSuites.html Strongswan Cipher Suites] | * [https://docs.strongswan.org/docs/5.9/config/IKEv2CipherSuites.html Strongswan Cipher Suites] | ||
| + | * [https://wiki.strongswan.org/projects/strongswan/wiki/ConnSection Ipsec.conf Referenz] | ||
Aktuelle Version vom 19. Februar 2024, 09:03 Uhr
Strongswan
- cat /etc/ipsec.conf
conn o2s
authby=secret
keyexchange=ikev1
left=192.168.252.89
leftid=@tiazel
leftsubnet=10.254.32.0/24
right=192.168.252.200
rightid=@rome
rightsubnet=10.254.31.0/24
ike=aes256gcm128-prfsha256-modp4096!
esp=aes256gcm128-prfsha256-modp4096!
auto=start
closeaction=restart
dpdaction=restart
dpddelay=10s
- cat /etc/ipsec.secrets
@tiazel @rome : PSK "suxer"
Openswan
- cat /etc/ipsec.conf
version 2.0
config setup
dumpdir=/var/run/pluto/
nat_traversal=no
oe=off
protostack=netkey
conn o2s
authby=secret
left=192.168.252.200
leftid=@rome
leftsubnet=10.254.31.0/24
right=192.168.252.89
rightid=@tiazel
rightsubnet=10.254.32.0/24
ike=aes256gcm128-prfsha256-modp4096
phase2alg=aes256gcm128-prfsha256-modp4096
auto=start
- cat /etc/ipsec.secrets
@tiazel @rome : PSK "suxer"