dmvpn.swanctl


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30

# Copyright (c) 2017-2020 Kaarle Ritvanen
# See LICENSE file for license details

connections {
	dmvpn {
		proposals = aes256gcm12-prfsha512-ecp384,aes128-sha256-prfaesxcbc-ecp256
		mobike = no
		dpd_delay = 15s
		unique = replace
		reauth_time = 13h
		local {
			certs = dmvpn.pem
		}
		remote {
			cacerts = dmvpn.pem
			revocation = ifuri
		}
		children {
			dmvpn {
				esp_proposals = aes256gcm12-ecp384,aes128-sha256
				local_ts = dynamic[gre]
				remote_ts = dynamic[gre]
				rekey_time = 100m
				mode = transport
				inactivity = 90m
				reqid = 1
			}
		}
	}
}