------------------------------------------------------------------------------ moon: ------------------------------------------------------------------------------ # /etc/ipsec.conf - strongSwan IPsec configuration file config setup charonstart=no plutodebug="control controlmore oppo dns" conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 keyexchange=ikev1 ike=aes128-sha256-modp2048! esp=aes128-sha256! ------------------------------------------------------------------------------ # /etc/ipsec.secrets - strongSwan IPsec secrets file : RSA moonKey.der ------------------------------------------------------------------------------ # /etc/strongswan.conf - strongSwan configuration file ------------------------------------------------------------------------------ # /etc/resolv.conf nameserver 192.168.0.150 ------------------------------------------------------------------------------ ipsec whack --name dns --id @moon.strongswan.org --host 192.168.0.1 --nexthop=192.168.0.2 --dnskeyondemand --to --host 192.168.0.2 --id @sun.strongswan.org --dnskeyondemand --rsasig --pfs --encrypt --ike aes128-sha256-modp2048! ipsec whack --keyid @moon.strongswan.org --pubkeyrsa 0sAQN+mkeECF5Bm7XnDkkkfmgny/TZndTkN1XzFZWB7nJroM3cTk3zMtdSPX8hY9GQxVGWSsmUBq7mGA5Qx39JpRNpyzxW7wRcMbwqDquG1PRfblLzV1ixdXOGSLUNaXonqDI/h5fCkqTuZtLbE4q3Pf4PmQAwzWVWaTZQ1gXXqUqKlN6218Hm2vbvNRE/CBHuFMmaCz11jckvaPvcqBLZzRTx9b/Mi+qD6xT7k9RpYHmtaGCJ95ed1bY6SZkapgHWu88/3M6bxCzD0KOA3oFbwlkHkFyaGWFB2+fc7L6BfYq0wr/d84tQdOxEn3BwLTrVKo7+6AxDrMi0I+blD2nd9cxj ------------------------------------------------------------------------------ sun: ------------------------------------------------------------------------------ # /etc/ipsec.conf - strongSwan IPsec configuration file config setup charonstart=no plutodebug="control controlmore dns oppo" conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 keyexchange=ikev1 ike=aes128-sha256-modp2048! esp=aes128-sha256! ------------------------------------------------------------------------------ # /etc/ipsec.secrets - strongSwan IPsec secrets file : RSA sunKey.der ------------------------------------------------------------------------------ # /etc/strongswan.conf - strongSwan configuration file ------------------------------------------------------------------------------ # /etc/resolv.conf nameserver 192.168.0.150 ------------------------------------------------------------------------------ ipsec whack --name dns --id @moon.strongswan.org --host 192.168.0.1 --nexthop=192.168.0.2 --dnskeyondemand --to --host 192.168.0.2 --id @sun.strongswan.org --dnskeyondemand --rsasig --pfs --encrypt --ike aes128-sha256-modp2048! ipsec whack --keyid @sun.strongswan.org --pubkeyrsa 0sAQOiSuR9e/WMZFOxK3IdaFBOT2DGoObFDJURejqLcjMpmY2yVbA9Lpc+AEGKxqjb37WG6sVo3fBCDBOAhgmMw9s0b6DTSeXaIQloqW1M8IC+xe1fT+F0BsW1ttaEN0WTF5H+J+a4/arYg4HyiA+sjoqHagnCVPM15Rm5mkmg913XmSCgtkenD4WUq+NfPLuOcggqTjHAAoGD0doswRa3sebyqHQNAb32PXW9ecKi9ExcPrdr5hR5uNXRMYGumBtoxcE6xEvCM/sPRK1hbyynixc5nfMQ5Ymb4mdCUotUGaCyKDa4pF58sYgP6xpd/HXMXGdRP+KxqA4sfes46gp8UuJT