enable image building for openwrt demo

Change-Id: Id464f064e9a7c4a55244c3cec4b3303a4ed0a889
Signed-off-by: Bin Lu <bin.lu@arm.com>

2 files changed, 34 insertions, 0 deletions

diff --git a/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.conf b/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.conf
new file mode 100644
index 0000000..9310276
--- /dev/null
+++ b/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.conf
@@ -0,0 +1,29 @@
+config setup
+    charondebug="ike 1, knl 1, cfg 0"
+    uniqueids=no
+
+conn ikev2-vpn
+    auto=add
+    compress=no
+    type=tunnel
+    keyexchange=ikev2
+    fragmentation=yes
+    forceencaps=yes
+    ike=aes256-sha1-modp1024,3des-sha1-modp1024!
+    esp=aes256-sha1,3des-sha1!
+    dpdaction=clear
+    dpddelay=300s
+    rekey=no
+    left=%any
+    leftid=testvpn
+    leftcert=/etc/ipsec.d/certs/vpn-server-cert.pem
+    leftsendcert=always
+    leftsubnet=0.0.0.0/0
+    right=%any
+    rightid=%any
+    rightauth=eap-mschapv2
+    rightdns=8.8.8.8,8.8.4.4
+    rightsourceip=192.168.10.0/24
+    rightsendcert=never
+    eap_identity=%identity
+	
diff --git a/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.secrets b/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.secrets
new file mode 100644
index 0000000..da553b7
--- /dev/null
+++ b/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.secrets
@@ -0,0 +1,5 @@
+# /etc/ipsec.secrets - strongSwan IPsec secrets file
+testvpn : RSA "/etc/ipsec.d/private/vpn-server-key.pem"
+test %any% : EAP "arm"
+test2 %any% : EAP "arm"
+test3 %any% : EAP "arm"