mirror of
https://github.com/apache/cloudstack.git
synced 2025-11-03 04:12:31 +01:00
49 lines
1.5 KiB
Plaintext
49 lines
1.5 KiB
Plaintext
# /etc/ipsec.conf - Openswan IPsec configuration file
|
|
|
|
# This file: /usr/share/doc/openswan/ipsec.conf-sample
|
|
#
|
|
# Manual: ipsec.conf.5
|
|
|
|
|
|
version 2.0 # conforms to second version of ipsec.conf specification
|
|
|
|
# basic configuration
|
|
config setup
|
|
# Do not set debug options to debug configuration issues!
|
|
# plutodebug / klipsdebug = "all", "none" or a combation from below:
|
|
# "raw crypt parsing emitting control klips pfkey natt x509 dpd private"
|
|
# eg:
|
|
# plutodebug="control parsing"
|
|
#
|
|
# enable to get logs per-peer
|
|
# plutoopts="--perpeerlog"
|
|
#
|
|
# Again: only enable plutodebug or klipsdebug when asked by a developer
|
|
#
|
|
# NAT-TRAVERSAL support, see README.NAT-Traversal
|
|
nat_traversal=yes
|
|
# exclude networks used on server side by adding %v4:!a.b.c.0/24
|
|
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
|
|
# OE is now off by default. Uncomment and change to on, to enable.
|
|
oe=off
|
|
# which IPsec stack to use. auto will try netkey, then klips then mast
|
|
protostack=auto
|
|
|
|
|
|
# Add connections here
|
|
|
|
# sample VPN connection
|
|
# for more examples, see /etc/ipsec.d/examples/
|
|
#conn sample
|
|
# # Left security gateway, subnet behind it, nexthop toward right.
|
|
# left=10.0.0.1
|
|
# leftsubnet=172.16.0.0/24
|
|
# leftnexthop=10.22.33.44
|
|
# # Right security gateway, subnet behind it, nexthop toward left.
|
|
# right=10.12.12.1
|
|
# rightsubnet=192.168.0.0/24
|
|
# rightnexthop=10.101.102.103
|
|
# # To authorize this connection, but not actually start it,
|
|
# # at startup, uncomment this.
|
|
# #auto=add
|