Page History

...

Code Block

language	yml
title	Sample CR for gatewayA
collapse	true

apiVersion: sdewan.akraino.org/v1alpha1
kind: IPSecSite
metadata:
  name: siteA
spec:
  sites:
  - name: siteA
    gateway: 192.168.1.11
    pre_shared_key: test123
    authauthentication_method: psk
    local_identifier: @moon@sun.strongswan.org
    remote_identifier: @sun@moon.strongswan.org
    crypto_proposal:
      - proposal1
    force_crypto_proposal: true"0"
    connectionconnections:
    - name: connA
      type: tunnel
      mode: start
      local_subnet: 10.1.0.1/24
      local_sourceip: 192.168.1.10
      remote_subnet: 10.2.0.1/24
    keyexchange: ikev2
    crypto_proposal:
        - proposal1
  proposals:
    - name: proposal1
      encryption_algorithm: aes128
      hash_algorithm: sha256
      dh_group: modp3072

...

Code Block

language	yml
title	Sample CR for gatewayB
collapse	true

apiVersion: sdewan.akraino.org/v1alpha1
kind: IPSecSite
metadata:
  name: siteB
spec:
  sites:
  - name: siteB
    gateway: 192.168.1.10
    pre_shared_key: test123
    authauthentication_method: psk
    local_identifier: @moon.strongswan.org
    remote_identifier: @sun.strongswan.org
    crypto_proposal:
      - proposal1
    force_crypto_proposal: true"0"
    connectionconnections:
    - name: connA
      type: tunnel
      mode: start
      local_subnet: 10.2.0.1/24
      local_sourceip: 192.168.1.11
      remote_subnet: 10.1.0.1/24
    keyexchange: ikev2
  crypto_proposal:
        crypto_proposal:- proposal1
  proposalproposals:
    - name: proposal1
      encryption_algorithm: aes128
      hash_algorithm: sha256
      dh_group: modp3072

...

Code Block

language	yml
title	Sample CR for gatewayA
collapse	true

apiVersion: sdewan.akraino.org/v1alpha1
kind: IPSecSite
metadata:
  name: siteA
spec:
  sites:
  - name: siteA
    gateway: 192.168.1.15
    pre_shared_key: test123
  auth  authentication_method: psk
    local_identifier: @sun.strongswan.org
    remote_identifier: @roadwarrior.strongswan.org
    crypto_proposal:
      - proposal1
    force_crypto_proposal: true"0"
  connection  connections:
    - name: connA
      type: tunnel
      mode: start
      local_subnet: 10.1.0.1/24
      local_sourceip: 192.168.1.10
      remote_sourceip: 192.168.1.15
      crypto_proposal:
        - proposal1
  proposal:
    - name: proposal1
      encryption_algorithm: aes128
      hash_algorithm: sha256
      dh_group: modp3072

...

Code Block

language	yml
title	sample CR for roadwarrior
collapse	true

apiVersion: sdewan.akraino.org/v1alpha1
kind: IPSecSite
metadata:
  name: roadwarrior
spec:
  sites:
  - name: roadwarrior
    gateway: 192.168.1.10
    pre_shared_key: test123
    authauthentication_method: psk
    local_identifier: @roadwarrior.strongswan.org
    remote_identifier: @sun.strongswan.org
    crypto_proposal: "proposal1"
      - proposal1
    force_crypto_proposal: true"0"
    connectionconnections:
    - name: connA
      type: tunnel
      mode: start
      local_sourceip: 192.168.1.15
      remote_subnetsourceip: 10192.168.1.0.1/24
10
      remote_sourceipsubnet: 19210.1.1680.1.10/24
      crypto_proposal:
        - proposal1
  proposal:
    - name: proposal1
      encryption_algorithm: aes128
      hash_algorithm: sha256
      dh_group: modp3072

...

Code Block

language	yml
title	Sample CR for gatewayA
collapse	true

apiVersion: sdewan.akraino.org/v1alpha1
kind: IPSecSite
metadata:
  name: siteA
spec:
-  gatewaysites: any
  pre- name: siteA
    gateway: any
    pre_shared_key: test123
    authauthentication_method: psk
    local_identifier: @moon.strongswan.org
    remote_identifier: @roadwarrior.strongswan.org
    crypto_proposal:
      - proposal1
    force_crypto_proposal: true"0"
    connectionconnections:
    - name: connA
      type: tunnel
      mode: start
      local_subnet: 10.1.0.1/24
      local_sourceip: 192.168.1.10
      remote_sourceip: 10.3.0.1/24
      crypto_proposal: "proposal1"
        - proposal1
  proposal:
    - name: proposal1
      encryption_algorithm: aes128
      hash_algorithm: sha256
      dh_group: modp3072

...

Code Block

language	yml
title	Sample CR for roadwarrior
collapse	true

apiVersion: sdewan.akraino.org/v1alpha1
kind: IPSecSite
metadata:
  name: roadwarrior
spec:
  sites:
  - name: roadwarrior
    gateway: 192.168.1.10
    pre_shared_key: test123
  auth  authentication_method: psk
    local_identifier: @roadwarrior.strongswan.org
    remote_identifier: @moon.strongswan.org
    crypto_proposal:
      - proposal1
    force_crypto_proposal: true"0"
    connectionconnections:
    - name: connA
      type: tunnel
      mode: start
      local_sourceip: %config
      remote_subnetsourceip: 10192.168.1.0.1/24
10
      remote_sourceipsubnet: 19210.1.1680.1.10/24
      crypto_proposal: "proposal1"
        - proposal1
  proposal:
    - name: proposal1
      encryption_algorithm: aes128
      hash_algorithm: sha256
      dh_group: modp3072

...

Space shortcuts

Page tree

Versions Compared

Old Version 8

New Version 9

Key