Revision fa0a1411
Added by Matthew Smith about 11 years ago
| etc/inc/vpn.inc | ||
|---|---|---|
| 581 | 581 |
if (!empty($ph1ent['authentication_method']) && (strpos($ph1ent['authentication_method'], "xauth") || strpos($ph1ent['authentication_method'], "hybrid"))) |
| 582 | 582 |
$xauth = "xauth = server"; |
| 583 | 583 |
|
| 584 |
$lifeline = ''; |
|
| 584 |
$ikelifeline = '';
|
|
| 585 | 585 |
if ($ph1ent['lifetime']) |
| 586 |
$lifeline = "ikelifetime = {$ph1ent['lifetime']}s";
|
|
| 586 |
$ikelifeline = "ikelifetime = {$ph1ent['lifetime']}s";
|
|
| 587 | 587 |
|
| 588 | 588 |
$remoteid_spec = ''; |
| 589 | 589 |
if (($ph2ent['mode'] == 'tunnel') or ($ph2ent['mode'] == 'tunnel6')) {
|
| ... | ... | |
| 721 | 721 |
} |
| 722 | 722 |
|
| 723 | 723 |
|
| 724 |
$ipseclifetime = ''; |
|
| 724 | 725 |
if ($ph2ent['lifetime']) |
| 725 |
$lifeline = "ikelifetime = {$ph2ent['lifetime']}s";
|
|
| 726 |
$ipseclifeline = "lifetime = {$ph2ent['lifetime']}s";
|
|
| 726 | 727 |
|
| 727 | 728 |
$ipsecconf .=<<<EOD |
| 728 | 729 |
|
| ... | ... | |
| 734 | 735 |
reauth = yes |
| 735 | 736 |
reqid = {$ikeid}
|
| 736 | 737 |
installpolicy = yes |
| 737 |
{$lifeline}
|
|
| 738 |
{$ikelifeline}
|
|
| 739 |
{$ipseclifeline}
|
|
| 738 | 740 |
{$tunneltype}
|
| 739 | 741 |
{$dpdline}
|
| 740 | 742 |
auto = {$passive}
|
Also available in: Unified diff
Fix for #3785 - 'strongswan config being generated with ike SA lifetime set to value of ipsec SA lifetime'