![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to swanctl.conf CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / tnc / tnccs-11 / hosts / moon / etc / swanctl|
Return to swanctl.conf CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / tnc / tnccs-11 / hosts / moon / etc / swanctl |
1.1 misho 1: connections {
2:
3: rw-allow {
4: local_addrs = 192.168.0.1
5:
6: local {
7: auth = eap-ttls
8: id = moon.strongswan.org
9: }
10: remote {
11: auth = eap-ttls
12: id = *@strongswan.org
13: groups = allow
14: }
15: children {
16: rw-allow {
17: local_ts = 10.1.0.0/28
18:
19: updown = /usr/local/libexec/ipsec/_updown iptables
20: esp_proposals = aes128gcm16-modp3072
21: }
22: }
23: version = 2
24: send_certreq = no
25: proposals = aes128-sha256-modp3072
26: }
27:
28: rw-isolate {
29: local_addrs = 192.168.0.1
30:
31: local {
32: auth = eap-ttls
33: id = moon.strongswan.org
34: }
35: remote {
36: auth = eap-ttls
37: id = *@strongswan.org
38: groups = isolate
39: }
40: children {
41: rw-isolate {
42: local_ts = 10.1.0.16/28
43:
44: updown = /usr/local/libexec/ipsec/_updown iptables
45: esp_proposals = aes128gcm16-modp3072
46: }
47: }
48: version = 2
49: send_certreq = no
50: proposals = aes128-sha256-modp3072
51: }
52: }
53:
54: secrets {
55:
56: eap-carol {
57: id = carol@strongswan.org
58: secret = "Ar3etTnp"
59: }
60: eap-dave {
61: id = dave@strongswan.org
62: secret = "W7R0g3do"
63: }
64: }