connections { | |
net-net { | |
local_addrs = 192.168.0.2 | |
remote_addrs = 192.168.0.1 | |
local { | |
auth = psk | |
id = sun.strongswan.org | |
} | |
remote { | |
auth = psk | |
id = moon.strongswan.org | |
} | |
children { | |
net-net { | |
local_ts = 192.168.200.0/24 | |
remote_ts = 192.168.100.0/24 | |
esp_proposals = aes128-sha1-modp2048 | |
rekey_time = 240m | |
} | |
} | |
version = 2 | |
mobike = yes | |
encap = no # NAT-T if needed | |
proposals = aes128-sha256-x25519 | |
} | |
} | |
secrets { | |
ike-net-net { | |
id = moon.strongswan.org | |
secret = simplepsk | |
} | |
} | |
# Include config snippets | |
include conf.d/*.conf |