pinecrypt-gateway-backend/pinecrypt/server/templates/ipsec.conf

22 lines
504 B
Plaintext

config setup
strictcrlpolicy=yes
charondebug="cfg 2"
ca authority
auto=add
cacert=/server-secrets/ca_cert.pem
conn s2c
auto=add
keyexchange=ikev2
left={{ authority_namespace }}
leftsendcert=always
leftallowany=yes
leftcert=/server-secrets/self_cert.pem
leftsubnet={% for subnet in push %}{{ subnet }},{% endfor %}
leftupdown=/helpers/updown.py
right=%any
rightsourceip={{ slot4 }}{% if slot6 %},{{ slot6 }}{% endif %}
ike={{ strongswan_ike }}!
esp={{ strongswan_esp }}!