diff options
author | Christian Poessinger <christian@poessinger.com> | 2021-07-03 15:52:26 +0200 |
---|---|---|
committer | Christian Poessinger <christian@poessinger.com> | 2021-07-04 11:57:15 +0200 |
commit | b2bf1592189fb9298f2a68272418a132a73f37bf (patch) | |
tree | 20599766a0c4d23bc0defb1add6e28221669836a /src/etc/systemd/system/conserver-server.service.d | |
parent | ce3847239493d76bd0462e2a7b1f5cca41c57457 (diff) | |
download | vyos-1x-b2bf1592189fb9298f2a68272418a132a73f37bf.tar.gz vyos-1x-b2bf1592189fb9298f2a68272418a132a73f37bf.zip |
ipsec: T1210: T1251: IKEv2 road-warrior support
set vpn ipsec esp-group ESP-RW compression 'disable'
set vpn ipsec esp-group ESP-RW lifetime '3600'
set vpn ipsec esp-group ESP-RW pfs 'disable'
set vpn ipsec esp-group ESP-RW proposal 10 encryption 'aes256'
set vpn ipsec esp-group ESP-RW proposal 10 hash 'sha256'
set vpn ipsec esp-group ESP-RW proposal 20 encryption 'aes256'
set vpn ipsec esp-group ESP-RW proposal 20 hash 'sha1'
set vpn ipsec ike-group IKE-RW key-exchange 'ikev2'
set vpn ipsec ike-group IKE-RW lifetime '10800'
set vpn ipsec ike-group IKE-RW mobike 'enable'
set vpn ipsec ike-group IKE-RW proposal 10 dh-group '2'
set vpn ipsec ike-group IKE-RW proposal 10 encryption 'aes256'
set vpn ipsec ike-group IKE-RW proposal 10 hash 'sha1'
set vpn ipsec ike-group IKE-RW proposal 20 dh-group '2'
set vpn ipsec ike-group IKE-RW proposal 20 encryption 'aes128'
set vpn ipsec ike-group IKE-RW proposal 20 hash 'sha1'
set vpn ipsec ipsec-interfaces interface 'dum0'
set vpn ipsec remote-access rw authentication id 'vyos'
set vpn ipsec remote-access rw authentication local-users username vyos password vyos
set vpn ipsec remote-access rw authentication x509 ca-certificate 'peer_172-18-254-202'
set vpn ipsec remote-access rw authentication x509 certificate 'peer_172-18-254-202'
set vpn ipsec remote-access rw description 'asdf'
set vpn ipsec remote-access rw esp-group 'ESP-RW'
set vpn ipsec remote-access rw ike-group 'IKE-RW'
Diffstat (limited to 'src/etc/systemd/system/conserver-server.service.d')
0 files changed, 0 insertions, 0 deletions