release/src/router/xl2tpd/examples/xl2tpd-L2TP-PSK.conf

   1 # /etc/ipsec.conf
   2 version 2
   3         nat_traversal=yes
   4         # example assumes we using 192.168.1.0/24 ourselves
   5         virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.1.0/24.
   6         # Only the mast stack of Openswan supports SAref tracking
   7         protostack=mast
   8         #protostack=netkey
   9
  10 conn L2TP-PSK
  11         #
  12         # Configuration for one user with any type of IPsec/L2TP client
  13         # including the updated Windows 2000/XP (MS KB Q818043), but
  14         # excluding the non-updated Windows 2000/XP.
  15         #
  16         #
  17         # Use a Preshared Key. Disable Perfect Forward Secrecy.
  18         #
  19         authby=secret
  20         pfs=no
  21         #
  22         left=123.123.123.123
  23         #
  24         leftprotoport=17/1701
  25         #
  26         # The remote user.
  27         #
  28         right=%any
  29         rightprotoport=17/%any
  30         rightsubnet=vhost:%priv,%no
  31         #
  32         # Change 'ignore' to 'add' to enable the configuration for this user.
  33         #
  34         auto=ignore
  35         keyingtries=3
  36         # Only the mast stack with Openswan supports SAref tracking with
  37         # overlapping IP address support
  38         overlapip=yes
  39         sareftrack=yes