openswan/ipsec.conf

83 lines
2.0 KiB
Plaintext
Raw Permalink Normal View History

# /etc/ipsec.conf - FreeS/WAN IPsec configuration file
# RCSID $Id: ipsec.conf.in,v 1.11 2003/06/13 23:28:41 sam Exp $
# This file: /usr/share/doc/freeswan/ipsec.conf-sample
#
# Manual: ipsec.conf.5
#
# Help:
# http://www.freeswan.org/freeswan_trees/freeswan-2.04/doc/quickstart.html
# http://www.freeswan.org/freeswan_trees/freeswan-2.04/doc/config.html
# http://www.freeswan.org/freeswan_trees/freeswan-2.04/doc/adv_config.html
#
# Policy groups are enabled by default. See:
# http://www.freeswan.org/freeswan_trees/freeswan-2.04/doc/policygroups.html
#
# Examples:
# http://www.freeswan.org/freeswan_trees/freeswan-2.04/doc/examples
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
config setup
# Debug-logging controls: "none" for (almost) none, "all" for lots.
#klipsdebug=all
#plutodebug=dns
#interfaces="ipsec0=eth1"
#
# Note: default ipsec interface is take from %defaultroute
# if interfaces is modified from default %defaultroute is
# no longer valid
# disable OE (eg. policy groups and packetdefault)
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
conn clear-or-private
auto=ignore
# sample VPN connections
#conn net2net
# left=10.10.10.5
# leftsubnet=192.168.1.0/24
# leftnexthop=10.10.10.1
# right=10.20.20.2
# rightsubnet=10.30.30.0/24
# rightrsasigkey= # usually output of 'ipsec showhostkey --right' on remote host
# auto=add
#conn net2host
# left=10.10.10.5
# leftsubnet=192.168.1.0/24
# leftnexthop=10.10.10.1
# right=%any
# rightid=@jimhall.in-qinet.it
# rightrsasigkey= # usually output of 'ipsec showhostkey --right' on remote host
# auto=add
#conn host2net
# left=%defaultroute
# leftid=@jimhall.in-qinet.it
# right=10.10.10.5
# rightsubnet=192.168.1.0/24
# rightrsasigkey= # usually output of 'ipsec showhostkey --right' on remote host
# auto=add
# Add connections here