#2.2.2.2 PUBLIC SERVER IP
#1.1.1.1 PRIVATE SERVER IP
#192.168.1.130 CLIENT IP BEHIND NAT
# ipsec.conf - strongSwan IPsec configuration file
# basic configuration
config setup
    # Every option in this section is commented out, so the daemon's
    # built-in defaults apply.
    # NOTE(review): plutodebug, nat_traversal, plutostart and charonstart look
    # like pluto-era (strongSwan 4.x) options; confirm they are still
    # recognised by the strongSwan version in use before enabling any of them.
    # NOTE(review): the CRL options (crlcheckinterval, strictcrlpolicy,
    # cachecrls) are disabled here; nothing in this file shows any other
    # revocation checking being configured.
    # plutodebug=all
    # crlcheckinterval=600
    # strictcrlpolicy=yes
    # cachecrls=yes
    # nat_traversal=yes
    # charonstart=yes
    # plutostart=yes
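conn uplink
    # Client ("AP") side of an IKEv2 transport-mode connection from the host
    # behind NAT (192.168.1.130) to the server's public address (2.2.2.2).
    #
    # connection
    #
    # auto=route installs a trap policy; the SA is negotiated when the first
    # matching packet is seen rather than at daemon start.
    auto=route
    type=transport
    # Always UDP-encapsulate ESP, even when NAT detection reports no NAT.
    forceencaps=yes
    #
    # the AP (me)
    #
    left=192.168.1.130
    leftprotoport=%any
    #
    # the endpoint
    #
    # Fixed: the original read 2.2.2.2.2 (five octets), which is not a valid
    # IPv4 address and disagrees with rightid and the header comment.
    right=2.2.2.2
    rightid=2.2.2.2
    # NOTE(review): %config is normally given as leftsourceip to request a
    # virtual IP; its effect as rightsourceip in transport mode is unclear -
    # confirm against the strongSwan version in use.
    rightsourceip=%config
    rightprotoport=%any
    # NOTE(review): rightsubnetwithin is a legacy keyword; confirm how the
    # running charon version treats it.
    rightsubnetwithin=0.0.0.0/0
    #
    # crypto
    #
    # NOTE(review): HMAC-MD5 (ESP) and HMAC-SHA1 (IKE) are legacy integrity
    # algorithms; SHA-256 or stronger is the usual choice today. Any change
    # has to be made in the peer's configuration as well.
    # Only ike= carries the strict flag (!). esp= has none, so the daemon's
    # default ESP suites are also acceptable - append ! if only this suite
    # should ever be negotiated.
    esp=aes128-md5
    keyexchange=ikev2
    ike=aes128-sha1-modp2048!
    #
    # cert stuff
    #
    # Both certificates are named locally and sendcert=never keeps them out of
    # the IKE exchange, so the peer is checked against the pinned rightcert
    # file rather than a certificate received on the wire.
    rightcert=endpoint1
    rightsendcert=never
    leftcert=64-1.ap
    leftsendcert=never
    #
    # timeouts
    #
    # Liveness check after 30 s without traffic; on failure the SA is cleared
    # and the trap policy from auto=route can re-trigger negotiation.
    # NOTE(review): strongSwan documents dpdtimeout as IKEv1-only; with
    # keyexchange=ikev2 the retransmission settings likely decide instead.
    dpddelay=30
    dpdtimeout=120
    dpdaction=clear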
#2.2.2.2 PUBLIC SERVER IP
#1.1.1.1 PRIVATE SERVER IP
#192.168.1.130 CLIENT IP BEHIND NAT
conn 64-1-ap-o1
    # Server side of the transport-mode connection for the AP identified by
    # certificate 64-1.ap.
    #
    # connection
    #
    auto=route
    type=transport
    # Always UDP-encapsulate ESP, even when NAT detection reports no NAT.
    forceencaps=yes
    #
    # the server (me): bound to the private address, identified by the
    # public one
    #
    left=1.1.1.1
    leftid=2.2.2.2
    leftsourceip=2.2.2.2
    # NOTE(review): this is the client's private address used as the *left*
    # subnet - presumably so the traffic selectors match what the NATed
    # client proposes in transport mode; confirm.
    leftsubnet=192.168.1.130/32
    #
    # the AP: may connect from any source address, so the pinned rightcert
    # below is what identifies it
    #
    right=%any
    # NOTE(review): rightsubnetwithin is a legacy keyword; confirm how the
    # running charon version treats it.
    rightsubnetwithin=0.0.0.0/0
    #
    # crypto
    #
    # NOTE(review): HMAC-MD5 (ESP) and HMAC-SHA1 (IKE) are legacy integrity
    # algorithms; any change has to be mirrored in the client's config.
    # Only ike= carries the strict flag (!); esp= does not.
    keyexchange=ikev2
    ike=aes128-sha1-modp2048!
    esp=aes128-md5
    #
    # cert stuff
    #
    # Certificates are named locally on both ends and never sent in IKE.
    leftcert=endpoint1
    leftsendcert=never
    rightcert=64-1.ap
    rightsendcert=never