diff options
Diffstat (limited to 'src/arm/openwrt_demo/1_buildimage/resources/ipsec')
| -rw-r--r-- | src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.conf | 29 | ||||
| -rw-r--r-- | src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.secrets | 5 |
2 files changed, 34 insertions, 0 deletions
diff --git a/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.conf b/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.conf new file mode 100644 index 0000000..9310276 --- /dev/null +++ b/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.conf @@ -0,0 +1,29 @@ +config setup + charondebug="ike 1, knl 1, cfg 0" + uniqueids=no + +conn ikev2-vpn + auto=add + compress=no + type=tunnel + keyexchange=ikev2 + fragmentation=yes + forceencaps=yes + ike=aes256-sha1-modp1024,3des-sha1-modp1024! + esp=aes256-sha1,3des-sha1! + dpdaction=clear + dpddelay=300s + rekey=no + left=%any + leftid=testvpn + leftcert=/etc/ipsec.d/certs/vpn-server-cert.pem + leftsendcert=always + leftsubnet=0.0.0.0/0 + right=%any + rightid=%any + rightauth=eap-mschapv2 + rightdns=8.8.8.8,8.8.4.4 + rightsourceip=192.168.10.0/24 + rightsendcert=never + eap_identity=%identity + diff --git a/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.secrets b/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.secrets new file mode 100644 index 0000000..da553b7 --- /dev/null +++ b/src/arm/openwrt_demo/1_buildimage/resources/ipsec/ipsec.secrets @@ -0,0 +1,5 @@ +# /etc/ipsec.secrets - strongSwan IPsec secrets file +testvpn : RSA "/etc/ipsec.d/private/vpn-server-key.pem" +test %any% : EAP "arm" +test2 %any% : EAP "arm" +test3 %any% : EAP "arm" |