2018-02-21 15:31:53 +00:00
|
|
|
#
|
|
|
|
|
# remote $title
|
|
|
|
|
#
|
|
|
|
|
|
|
|
|
|
remote <%= @remote_ip %> {
|
|
|
|
|
exchange_mode main;
|
|
|
|
|
proposal {
|
|
|
|
|
encryption_algorithm <%= @encryption %>;
|
|
|
|
|
hash_algorithm <%= @hash %>;
|
|
|
|
|
dh_group <%= @dh_group %>;
|
2018-03-13 17:20:40 +00:00
|
|
|
lifetime time <%= @lifetime %> sec;
|
2018-02-21 15:31:53 +00:00
|
|
|
authentication_method pre_shared_key;
|
|
|
|
|
}
|
|
|
|
|
# generate_policy on;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
<% @nets.each do |net| -%>
|
2018-03-13 17:20:40 +00:00
|
|
|
<%- @salifetime = net['lifetime'] ? net['lifetime'] : "3600 " %>
|
2018-02-21 15:31:53 +00:00
|
|
|
<%- @saencryption = net['encryption'] ? net['encryption'] : @encryption %>
|
|
|
|
|
<%- @pfs_group = net['pfs_group'] ? net['pfs_group'] : @dh_group %>
|
2018-02-23 16:02:21 +00:00
|
|
|
<%- @p2hash = net['hash'] ? net['hash'] : @hash %>
|
|
|
|
|
<%- @netproto = net['proto'] ? net['proto'] : 'any' -%>
|
2018-02-21 15:31:53 +00:00
|
|
|
|
|
|
|
|
|
2018-02-23 16:02:21 +00:00
|
|
|
sainfo address <%= net['local'] %> <%= @netproto %> address <%= net['remote'] %> <%= @netproto %>
|
2018-02-21 15:31:53 +00:00
|
|
|
{
|
|
|
|
|
pfs_group <%= @pfs_group %>;
|
2018-02-28 18:49:56 +00:00
|
|
|
encryption_algorithm <%= @saencryption.join(",") %>;
|
|
|
|
|
<%- @komma="" -%>
|
|
|
|
|
authentication_algorithm <%- @p2hash.each do |hmalgo| -%><%=@komma -%>hmac_<%= hmalgo -%> <%- @komma=',' -%> <%- end -%>;
|
2018-02-21 15:31:53 +00:00
|
|
|
compression_algorithm deflate;
|
2018-03-13 17:20:40 +00:00
|
|
|
lifetime time <%= @salifetime %> sec;
|
2018-02-21 15:31:53 +00:00
|
|
|
}
|
|
|
|
|
<% end -%>
|
|
|
|
|
|
