mirror of
https://github.com/laurivosandi/certidude
synced 2024-12-23 00:25:18 +00:00
Cleaned up ipsec.conf templates
This commit is contained in:
parent
03d727fca9
commit
0a92589f41
@ -13,7 +13,7 @@ conn %default
|
|||||||
keyexchange=ikev2
|
keyexchange=ikev2
|
||||||
dpdaction={{dpdaction}}
|
dpdaction={{dpdaction}}
|
||||||
|
|
||||||
conn home
|
conn client-to-site
|
||||||
auto={{auto}}
|
auto={{auto}}
|
||||||
left=%defaultroute # Use IP of default route for listening
|
left=%defaultroute # Use IP of default route for listening
|
||||||
leftsourceip=%config # Accept server suggested virtual IP as inner address for tunnel
|
leftsourceip=%config # Accept server suggested virtual IP as inner address for tunnel
|
||||||
@ -23,5 +23,4 @@ conn home
|
|||||||
right={{remote}} # Gateway IP address
|
right={{remote}} # Gateway IP address
|
||||||
rightid=%any # Allow any common name
|
rightid=%any # Allow any common name
|
||||||
rightsubnet=0.0.0.0/0 # Accept all subnets suggested by server
|
rightsubnet=0.0.0.0/0 # Accept all subnets suggested by server
|
||||||
#rightcert=server.pem
|
|
||||||
|
|
||||||
|
@ -12,7 +12,7 @@ conn %default
|
|||||||
keyingtries=1
|
keyingtries=1
|
||||||
keyexchange=ikev2
|
keyexchange=ikev2
|
||||||
|
|
||||||
conn rw
|
conn site-to-clients
|
||||||
auto=add
|
auto=add
|
||||||
right=%any # Allow connecting from any IP address
|
right=%any # Allow connecting from any IP address
|
||||||
rightsourceip={{subnet}} # Serve virtual IP-s from this pool
|
rightsourceip={{subnet}} # Serve virtual IP-s from this pool
|
||||||
|
Loading…
Reference in New Issue
Block a user