Cleaned up ipsec.conf templates

2025-09-07 06:01:03 +00:00 · 2015-10-17 20:36:12 +03:00
parent 03d727fca9
commit 0a92589f41
2 changed files with 2 additions and 3 deletions
--- a/certidude/templates/strongswan-client-to-site.conf
+++ b/certidude/templates/strongswan-client-to-site.conf
@@ -13,7 +13,7 @@ conn %default
 	keyexchange=ikev2
 	dpdaction={{dpdaction}}

-conn home
+conn client-to-site
 	auto={{auto}}
 	left=%defaultroute # Use IP of default route for listening
 	leftsourceip=%config # Accept server suggested virtual IP as inner address for tunnel
@@ -23,5 +23,4 @@ conn home
 	right={{remote}} # Gateway IP address
 	rightid=%any # Allow any common name
 	rightsubnet=0.0.0.0/0 # Accept all subnets suggested by server
-	#rightcert=server.pem

--- a/certidude/templates/strongswan-site-to-client.conf
+++ b/certidude/templates/strongswan-site-to-client.conf
@@ -12,7 +12,7 @@ conn %default
 	keyingtries=1
 	keyexchange=ikev2

-conn rw
+conn site-to-clients
 	auto=add
 	right=%any # Allow connecting from any IP address
 	rightsourceip={{subnet}} # Serve virtual IP-s from this pool