![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to swanctl.conf CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / tnc / tnccs-20-pdp-eap / hosts / moon / etc / swanctl|
Return to swanctl.conf CVS log | Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / tnc / tnccs-20-pdp-eap / hosts / moon / etc / swanctl |
1.1 misho 1: connections {
2:
3: rw-allow {
4: local_addrs = 192.168.0.1
5:
6: local {
7: auth = pubkey
8: id = moon.strongswan.org
9: certs = moonCert.pem
10: }
11: remote {
12: auth = eap-radius
13: eap_id = %any
14: groups = allow
15: }
16: children {
17: rw-allow {
18: local_ts = 10.1.0.0/28
19:
20: updown = /usr/local/libexec/ipsec/_updown iptables
21: esp_proposals = aes128gcm16-modp3072
22: }
23: }
24: version = 2
25: send_certreq = no
26: proposals = aes128-sha256-modp3072
27: }
28:
29: rw-isolate {
30: local_addrs = 192.168.0.1
31:
32: local {
33: auth = pubkey
34: id = moon.strongswan.org
35: }
36: remote {
37: auth = eap-radius
38: eap_id = %any
39: groups = isolate
40: }
41: children {
42: rw-isolate {
43: local_ts = 10.1.0.16/28
44:
45: updown = /usr/local/libexec/ipsec/_updown iptables
46: esp_proposals = aes128gcm16-modp3072
47: }
48: }
49: version = 2
50: send_certreq = no
51: proposals = aes128-sha256-modp3072
52: }
53: }