Submitted by peter on Mon, 27/08/2018 - 16:19
- PSK
- strongswan
- For accessing VLAB hosts ONLY! (just the 5 IP addresses)
ipsec.conf
config setup
# strictcrlpolicy=yes
# uniqueids = no
charondebug = enc 1, cfg 2, ike 1, knl 1
# Add connections here.
conn %default
ikelifetime = 60m
keylife = 20m
rekeymargin = 3m
keyingtries = 1
keyexchange = ikev2
conn vlab_ikev2-apple
auto = add
type = tunnel
fragmentation = yes
dpdaction = clear
dpddelay = 300s
rekey = yes
ike = aes128-aes256-sha256-modp1024-modp2048!
left = 129.94.242.253
leftid = vlab
leftauth = psk
leftsubnet = 129.94.242.114, 129.94.242.115, 129.94.242.116, 129.94.242.117, 129.94.242.118
right = %any
rightauth = psk
rightsourceip = 172.19.192.0/21
ipsec.secrets
%any vlab : PSK "myvlab"
VPN configuration on iOS