connections {
rw {
local_addrs = 192.168.0.1
local {
auth = eap-ttls
id = moon.strongswan.org
certs = moonCert.pem
}
remote {
auth = eap-ttls
id = *@strongswan.org
}
children {
rw {
local_ts = 10.1.0.0/16
updown = /usr/local/libexec/ipsec/_updown iptables
esp_proposals = aes128gcm16-modp3072
}
}
version = 2
send_certreq = no
proposals = aes128-sha256-modp3072
}
}
secrets {
eap-carol {
id = carol@strongswan.org
secret = "Ar3etTnp"
}
eap-dave {
id = dave@strongswan.org
secret = "W7R0g3do"
}
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>