diff options
| author | Yves-Alexis Perez <corsac@debian.org> | 2018-09-24 15:11:14 +0200 |
|---|---|---|
| committer | Yves-Alexis Perez <corsac@debian.org> | 2018-09-24 15:11:14 +0200 |
| commit | e0e280b7669435b991b7e457abd8aa450930b3e8 (patch) | |
| tree | 3e6084f13b14ad2df104e2ce6e589eb96c5f7ac9 /README | |
| parent | 51a71ee15c1bcf0e82f363a16898f571e211f9c3 (diff) | |
| download | vyos-strongswan-e0e280b7669435b991b7e457abd8aa450930b3e8.tar.gz vyos-strongswan-e0e280b7669435b991b7e457abd8aa450930b3e8.zip | |
New upstream version 5.7.0
Diffstat (limited to 'README')
| -rw-r--r-- | README | 80 |
1 files changed, 40 insertions, 40 deletions
@@ -57,7 +57,7 @@ Configuration on gateway _moon_: local_ts = 10.1.0.0/16 remote_ts = 10.2.0.0/16 start_action = trap - } + } } } } @@ -87,7 +87,7 @@ Configuration on gateway _sun_: local_ts = 10.2.0.0/16 remote_ts = 10.1.0.0/16 start_action = trap - } + } } } } @@ -116,7 +116,7 @@ connections we will use the default IPsec tunnel mode. | 192.168.0.1 | === | 192.168.0.2 | moon sun - Configuration on host _moon_: +Configuration on host _moon_: /etc/swanctl/x509ca/strongswanCert.pem /etc/swanctl/x509/moonCert.pem @@ -167,7 +167,7 @@ Configuration on host _sun_: children { host-host { start_action = trap - } + } } } } @@ -215,7 +215,7 @@ Configuration on roadwarrior _carol_: /etc/swanctl/swanctl.conf: - connections { + connections { home { remote_addrs = moon.strongswan.org @@ -315,7 +315,7 @@ Configuration on roadwarrior _carol_: /etc/swanctl/swanctl.conf: - connections { + connections { home { remote_addrs = moon.strongswan.org vips = 0.0.0.0 @@ -378,16 +378,16 @@ Configuration on gateway _moon_: The `swanctl.conf` file additionally contains a `secrets` section defining all client credentials - secrets { - eap-carol { - id = carol@strongswan.org - secret = Ar3etTnp - } - eap-dave { - id = dave@strongswan.org - secret = W7R0g3do - } - } + secrets { + eap-carol { + id = carol@strongswan.org + secret = Ar3etTnp + } + eap-dave { + id = dave@strongswan.org + secret = W7R0g3do + } + } Configuration on roadwarrior _carol_: @@ -395,7 +395,7 @@ Configuration on roadwarrior _carol_: /etc/swanctl/swanctl.conf: - connections { + connections { home { remote_addrs = moon.strongswan.org @@ -416,12 +416,12 @@ Configuration on roadwarrior _carol_: } } - secrets { - eap-carol { - id = carol@strongswan.org - secret = Ar3etTnp - } - } + secrets { + eap-carol { + id = carol@strongswan.org + secret = Ar3etTnp + } + } ### Roadwarrior Case with EAP Identity ### @@ -461,16 +461,16 @@ Configuration on gateway _moon_: } } - secrets { - eap-carol { - id = carol - secret = Ar3etTnp - } - eap-dave { - id = dave - secret = W7R0g3do - } - } + secrets { + eap-carol { + id = carol + secret = Ar3etTnp + } + eap-dave { + id = dave + secret = W7R0g3do + } + } Configuration on roadwarrior _carol_: @@ -478,7 +478,7 @@ Configuration on roadwarrior _carol_: /etc/swanctl/swanctl.conf: - connections { + connections { home { remote_addrs = moon.strongswan.org @@ -499,12 +499,12 @@ Configuration on roadwarrior _carol_: } } - secrets { - eap-carol { - id = carol - secret = Ar3etTnp - } - } + secrets { + eap-carol { + id = carol + secret = Ar3etTnp + } + } ## Generating Certificates and CRLs ## |