Strongswan: Unterschied zwischen den Versionen

Aus darkrealm Wiki
Zur Navigation springen Zur Suche springen
← Zum vorherigen VersionsunterschiedZum nächsten Versionsunterschied →
Keine Bearbeitungszusammenfassung
Keine Bearbeitungszusammenfassung
Zeile 4: Zeile 4:
forecast {
forecast {


     # Multicast groups to join locally, allowing forwarding of them.                              
     # Multicast groups to join locally, allowing forwarding of them.
     groups = 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
     groups = 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250


     # Local interface to listen for broadcasts to forward.                                        
     # Local interface to listen for broadcasts to forward.
     interface = BRIDGE_LAN
     interface = BRIDGE_LAN


     # Whether to load the plugin. Can also be an integer to increase the                          
     # Whether to load the plugin. Can also be an integer to increase the
     # priority of this plugin.                                                                    
     # priority of this plugin.
     load = yes
     load = yes


     # CHILD_SA configurations names to perform multi/broadcast reinjection.                        
     # CHILD_SA configurations names to perform multi/broadcast reinjection.
     # reinject = mobile,linux
     # reinject = mobile,linux


Version vom 25. Dezember 2018, 00:51 Uhr

Somehow working: 

forecast {

    # Multicast groups to join locally, allowing forwarding of them.
    groups = 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250

    # Local interface to listen for broadcasts to forward.
    interface = BRIDGE_LAN

    # Whether to load the plugin. Can also be an integer to increase the
    # priority of this plugin.
    load = yes

    # CHILD_SA configurations names to perform multi/broadcast reinjection.
    # reinject = mobile,linux

}

connections {

   linux {
      local_addrs  = 192.168.3.253
      remote_addrs = darkrealm.dyndns.org
      keyingtries = 0
      
      local {
         auth = pubkey
         certs = neorealm.crt
      }
      remote {
         auth = pubkey
	 certs = darkrealm.crt
      }
      children {
         linux {
            local_ts  = 192.168.2.0/24,192.168.3.0/24,224.0.0.0/4,fd00:ffff:bbbb::/64,ff00::/8 
            remote_ts = 192.168.0.0/24,192.168.1.0/24,224.0.0.0/4,fd00:ffff:aaaa::/64,ff00::/8 
            mark_in  = %unique
            mark_out = %unique
	    ipcomp = yes
	    start_action = trap
	    close_action = trap
	    dpd_action = trap
	    
	    }
      		}
      }
}
Abgerufen von „https://darkrealm-wiki.darkrealm.dyndns.org/index.php?title=Strongswan&oldid=264