Strongswan-swanctl zu strongswan psk ikev2 site to site

Aus Xinux Wiki
Version vom 5. September 2022, 12:54 Uhr von Thomas.will (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „=fw3= ==etc/swanctl/conf.d/swanctl.conf== </pre> connections { net { local_addrs = 10.82.227.112 remote_addrs = 10.82.227.122 local {…“)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Zur Navigation springen Zur Suche springen

fw3

etc/swanctl/conf.d/swanctl.conf

connections { 

  net {
     local_addrs  = 10.82.227.112
     remote_addrs  = 10.82.227.122
     local {
        auth = psk
        id = 10.82.227.112
     }
     remote {
        auth = psk
        id = 10.82.227.122
     }
     children {
        net-1 {
           local_ts  = 10.82.243.0/24
           remote_ts  = 10.82.244.0/24
           start_action = start
           esp_proposals = aes256-sha256-modp4096
        }
     }
     version = 2
     proposals = aes256-sha256-modp4096
  }

} secrets { 

  ike-net {
     id-fw3 = 10.82.227.112
     id-fw4 = 10.82.227.122
     secret = suxer
  }

}

Abgerufen von „http://wiki.ixheim.de/index.php?title=Strongswan-swanctl_zu_strongswan_psk_ikev2_site_to_site&oldid=34598