Skip to content

Instantly share code, notes, and snippets.

@mohsenk

mohsenk/ipsec.conf

Last active September 21, 2018 14:03
Show Gist options
  • Save mohsenk/4d54f59f312ef6f2835c333591e40708 to your computer and use it in GitHub Desktop.
Save mohsenk/4d54f59f312ef6f2835c333591e40708 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
ipsec.conf
version 2.0
config setup
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.42.0/23
protostack=netkey
nhelpers=0
interfaces=%defaultroute
uniqueids=no
conn shared
left=172.17.0.2
leftid=46.101.137.216
right=%any
encapsulation=yes
authby=secret
pfs=no
rekey=no
keyingtries=5
dpddelay=30
dpdtimeout=120
dpdaction=clear
ike=3des-sha1,3des-sha2,aes-sha1,aes-sha1;modp1024,aes-sha2,aes-sha2;modp1024,aes256-sha2_512
phase2alg=3des-sha1,3des-sha2,aes-sha1,aes-sha2,aes256-sha2_512
sha2-truncbug=yes
conn l2tp-psk
auto=add
leftsubnet=172.17.0.2/32
leftnexthop=%defaultroute
leftprotoport=17/1701
rightprotoport=17/%any
type=transport
phase2=esp
also=shared
conn xauth-psk
auto=add
leftsubnet=0.0.0.0/0
rightaddresspool=192.168.43.10-192.168.43.250
modecfgdns1=8.8.8.8
modecfgdns2=8.8.4.4
leftxauthserver=yes
rightxauthclient=yes
leftmodecfgserver=yes
rightmodecfgclient=yes
modecfgpull=yes
xauthby=file
ike-frag=yes
ikev2=never
cisco-unity=yes
also=shared
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment