34 lines
933 B
Plaintext
34 lines
933 B
Plaintext
#
|
|
# remote $title
|
|
#
|
|
|
|
remote <%= @remote_ip %> {
|
|
exchange_mode main;
|
|
proposal {
|
|
encryption_algorithm <%= @encryption %>;
|
|
hash_algorithm <%= @hash %>;
|
|
dh_group <%= @dh_group %>;
|
|
lifetime time <%= @lifetime %>;
|
|
authentication_method pre_shared_key;
|
|
}
|
|
# generate_policy on;
|
|
}
|
|
|
|
<% @nets.each do |net| -%>
|
|
<%- @salifetime = net['lifetime'] ? net['lifetime'] : "3600 sec" %>
|
|
<%- @saencryption = net['encryption'] ? net['encryption'] : @encryption %>
|
|
<%- @pfs_group = net['pfs_group'] ? net['pfs_group'] : @dh_group %>
|
|
<%- @p2hash = net['hash'] ? net['hash'] : 'hmac_md5' %>
|
|
|
|
|
|
sainfo address <%= net['local'] %> <%= net['proto'] %> address <%= net['remote'] %> <%= net['proto'] %>
|
|
{
|
|
pfs_group <%= @pfs_group %>;
|
|
encryption_algorithm <%= @saencryption %>;
|
|
authentication_algorithm <%= @p2hash %>;
|
|
compression_algorithm deflate;
|
|
lifetime time <%= @salifetime %>;
|
|
}
|
|
<% end -%>
|
|
|