# ipsec.conf - strongSwan IPsec configuration file # basic configuration config setup # strictcrlpolicy=yes # uniqueids = no charondebug="ike 4, knl 4, cfg 3, chd 4" # Add connections here. conn vpn_smb type=tunnel leftfirewall=yes rightauth=pubkey leftauth=eap-gtc keyexchange=ikev2 eap_identity=user1 left=%any leftsourceip=%config right=X.X.X.X rightid=X.X.X.X rightsubnet=10.100.9.0/24 ike=aes256-sha1-modp1024 esp=3des-sha1 ikelifetime=24h lifetime=1h reauth=yes rekey=yes margintime=1m rekeyfuzz=0% auto=add dpdaction=restart dpddelay=30s dpdtimeout=60s # Sample VPN connections #conn sample-self-signed # leftsubnet=10.1.0.0/16 # leftcert=selfCert.der # leftsendcert=never # right=192.168.0.2 # rightsubnet=10.2.0.0/16 "/etc/ipsec.conf" 52L, 1057B