Bug #15604 » IPsec-Configuration.txt
| 1 |
# This file is automatically generated. Do not edit |
|---|---|
| 2 |
connections {
|
| 3 |
bypass {
|
| 4 |
remote_addrs = 127.0.0.1 |
| 5 |
children {
|
| 6 |
bypasslan {
|
| 7 |
local_ts = 172.22.123.0/24 |
| 8 |
remote_ts = 172.22.123.0/24 |
| 9 |
mode = pass |
| 10 |
start_action = trap |
| 11 |
} |
| 12 |
} |
| 13 |
} |
| 14 |
con2 {
|
| 15 |
# P1 (ikeid 2): Multipath Tunnel 1 |
| 16 |
fragmentation = yes |
| 17 |
unique = replace |
| 18 |
version = 2 |
| 19 |
proposals = aes256-sha256-modp2048 |
| 20 |
dpd_delay = 10s |
| 21 |
rekey_time = 25920s |
| 22 |
reauth_time = 0s |
| 23 |
over_time = 2880s |
| 24 |
rand_time = 2880s |
| 25 |
encap = no |
| 26 |
mobike = no |
| 27 |
local_addrs = 172.22.122.2 |
| 28 |
remote_addrs = 172.22.122.1 |
| 29 |
local {
|
| 30 |
id = 172.22.122.2 |
| 31 |
auth = psk |
| 32 |
} |
| 33 |
remote {
|
| 34 |
id = 172.22.122.1 |
| 35 |
auth = psk |
| 36 |
} |
| 37 |
children {
|
| 38 |
con2 {
|
| 39 |
# P2 (reqid 2): Multipath VTI 1 |
| 40 |
policies = no |
| 41 |
life_time = 3600s |
| 42 |
rekey_time = 3240s |
| 43 |
rand_time = 360s |
| 44 |
start_action = start |
| 45 |
remote_ts = 169.254.62.1,0.0.0.0/0,::/0 |
| 46 |
local_ts = 169.254.62.2,0.0.0.0/0,::/0 |
| 47 |
reqid = 5002 |
| 48 |
esp_proposals = aes256gcm128-modp2048,aes256gcm96-modp2048,aes256gcm64-modp2048 |
| 49 |
dpd_action = restart |
| 50 |
} |
| 51 |
} |
| 52 |
} |
| 53 |
con3 {
|
| 54 |
# P1 (ikeid 3): Multipath Tunnel 2 |
| 55 |
fragmentation = yes |
| 56 |
unique = replace |
| 57 |
version = 2 |
| 58 |
proposals = aes256-sha256-modp2048 |
| 59 |
dpd_delay = 10s |
| 60 |
rekey_time = 25920s |
| 61 |
reauth_time = 0s |
| 62 |
over_time = 2880s |
| 63 |
rand_time = 2880s |
| 64 |
encap = no |
| 65 |
mobike = no |
| 66 |
local_addrs = 172.22.122.10 |
| 67 |
remote_addrs = 172.22.122.9 |
| 68 |
local {
|
| 69 |
id = 172.22.122.10 |
| 70 |
auth = psk |
| 71 |
} |
| 72 |
remote {
|
| 73 |
id = 172.22.122.9 |
| 74 |
auth = psk |
| 75 |
} |
| 76 |
children {
|
| 77 |
con3 {
|
| 78 |
# P2 (reqid 3): Multipath VTI 2 |
| 79 |
policies = no |
| 80 |
life_time = 3600s |
| 81 |
rekey_time = 3240s |
| 82 |
rand_time = 360s |
| 83 |
start_action = start |
| 84 |
remote_ts = 169.254.62.5,0.0.0.0/0,::/0 |
| 85 |
local_ts = 169.254.62.6,0.0.0.0/0,::/0 |
| 86 |
reqid = 5003 |
| 87 |
esp_proposals = aes256gcm128-modp2048,aes256gcm96-modp2048,aes256gcm64-modp2048 |
| 88 |
dpd_action = restart |
| 89 |
} |
| 90 |
} |
| 91 |
} |
| 92 |
} |
| 93 |
secrets {
|
| 94 |
ike-0 {
|
| 95 |
secret = <redacted> |
| 96 |
id-0 = %any |
| 97 |
id-1 = 172.22.122.1 |
| 98 |
} |
| 99 |
ike-1 {
|
| 100 |
secret = <redacted> |
| 101 |
id-0 = %any |
| 102 |
id-1 = 172.22.122.9 |
| 103 |
} |
| 104 |
} |
