yes its there!!! this is
root@srv1:~# cat /etc/ipsec.conf version 2.0 config setup virtual-private=%v4: 10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.50.0.0/24,%v4:!10.50.1.0/24 protostack=netkey interfaces=%defaultroute uniqueids=no conn shared left=%defaultroute leftid=195.95.65.10 right=%any encapsulation=yes authby=secret pfs=no rekey=no keyingtries=5 dpddelay=30 dpdtimeout=120 dpdaction=clear ike=aes256-sha2,aes128-sha2,aes256-sha1,aes128-sha1,aes256-sha2;modp1024,aes128-sha1;modp1024 phase2alg=aes_gcm-null,aes128-sha1,aes256-sha1,aes256-sha2_512,aes128-sha2,aes256-sha2 sha2-truncbug=yes conn l2tp-psk auto=add leftprotoport=17/1701 rightprotoport=17/%any type=transport phase2=esp also=shared conn xauth-psk auto=add leftsubnet=0.0.0.0/0 *rightaddresspool=10.50.1.2-10.50.1.3 (by the way is there a way to give a static in the other side??? i dont want pool)..* modecfgdns="8.8.8.8 8.8.4.4" leftxauthserver=yes rightxauthclient=yes leftmodecfgserver=yes rightmodecfgclient=yes modecfgpull=yes xauthby=file ike-frag=yes ikev2=never cisco-unity=yes also=shared root@srv1:~# Many thanks!!! On Thu, Jan 10, 2019 at 7:23 PM Paul Wouters <[email protected]> wrote: > On Thu, 10 Jan 2019, Antonios Katsouros wrote: > > > root@srv1:/etc/ipsec.d# ls > > cert9.db key4.db passwd pkcs11.txt policies > > check /etc/ipsec.conf > > Paul >
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
