Xauth-pam-strongswan: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
| Zeile 9: | Zeile 9: | ||
leftid=@nagus.xxx.de | leftid=@nagus.xxx.de | ||
leftauth=pubkey | leftauth=pubkey | ||
| − | leftcert= | + | leftcert=/etc/letsencrypt/live/nagus.xxx.de/fullchain.pem |
leftsendcert=always | leftsendcert=always | ||
leftsubnet=0.0.0.0/0 | leftsubnet=0.0.0.0/0 | ||
| Zeile 18: | Zeile 18: | ||
auto=add | auto=add | ||
</pre> | </pre> | ||
| + | |||
==ipsec.secrets== | ==ipsec.secrets== | ||
*cat /etc/ipsec.secrets | *cat /etc/ipsec.secrets | ||
Version vom 28. November 2018, 09:15 Uhr
Install Modul
- apt-get install strongswan-plugin-xauth-pam
Config
ipsec.conf
- cat /etc/ipsec.conf
conn android_vpn left=10.134.2.5 leftid=@nagus.xxx.de leftauth=pubkey leftcert=/etc/letsencrypt/live/nagus.xxx.de/fullchain.pem leftsendcert=always leftsubnet=0.0.0.0/0 right=%any rightauth=xauth-pam rightsourceip=10.79.128.0/24 esp=aes-sha1! auto=add
ipsec.secrets
- cat /etc/ipsec.secrets
@nagus.xxx.de : RSA /etc/letsencrypt/live/nagus.xxx.de/privkey.pem
xauth-pam
- /etc/strongswan.d/charon/xauth-pam.conf
xauth-pam {
load = yes
pam_service = ipsec
}