forked from andrewpuch/multi_region_vpn_connection
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathipsec.conf
32 lines (27 loc) · 877 Bytes
/
ipsec.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
# ipsec.conf - strongSwan IPsec configuration file
# Amazon VPC IPsec configuration for the OpenVPN Access Server Appliance
conn %default
left=%any
keyexchange=ikev1
keyingtries=%forever
esp=aes128-sha1-modp1024
ike=aes128-sha1-modp1024
ikelifetime=8h
auto=start
authby=secret
dpdaction=restart
closeaction=restart
dpddelay=10s
dpdtimeout=30s
leftsubnet=0.0.0.0/0
leftupdown=/sbin/ipsec.sh
installpolicy=no
# Enter your VPC subnet here (in CIDR format - e.g. rightsubnet=10.0.0.0/16)
rightsubnet=10.0.0.0/16
conn VPC-CUST-GW1
# Enter the tunnel 1 endpoint here (e.g. right=205.251.233.121)
right=72.21.209.194
conn VPC-CUST-GW2
# Enter the tunnel 2 endpoint here (e.g. right=205.251.233.122)
right=72.21.209.226
# Remember to open ipsec.secrets and insert the PSK given to you by Amazon.