1
|
#configuration is in ipsec.conf file
|
2
|
config setup
|
3
|
uniqueids = yes
|
4
|
cachecrls = yes
|
5
|
strictcrlpolicy = no
|
6
|
|
7
|
ca "RACINE AGRIATES_CA"
|
8
|
cacert = "RACINE AGRIATES.pem"
|
9
|
crluri = http://crl1.igc.education.fr/agriates
|
10
|
crluri2 =
|
11
|
auto=add
|
12
|
|
13
|
conn %default
|
14
|
keyingtries = 3
|
15
|
keyexchange = ike
|
16
|
authby = pubkey
|
17
|
dpdaction = restart
|
18
|
dpddelay = 120s
|
19
|
ike = aes128-sha256-modp2048,aes192-sha384-modp3072
|
20
|
esp = aes128gcm128,aes192gcm128,aes128-sha256
|
21
|
forceencaps = no
|
22
|
mobike = no
|
23
|
|
24
|
#DEB:pf0348890d-sphynx3_1-admin-reseau192
|
25
|
conn "pf0348890d-sphynx3_1-admin-reseau192"
|
26
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
27
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
28
|
left = 212.51.190.245
|
29
|
leftsubnet = "10.34.199.0/24"
|
30
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
31
|
rightid = "C=FR, L=montpellier, O=Education Nationale, OU=ac-montpellier, OU=0002 110043015, CN=sphynx-PNCN.ac-montpellier.fr"
|
32
|
right = 195.83.225.227
|
33
|
rightsubnet = "192.168.0.0/16"
|
34
|
auto=start
|
35
|
#FIN:pf0348890d-sphynx3_1-admin-reseau192
|
36
|
|
37
|
#DEB:pf0348890d-sphynx3_1-admin-reseau172
|
38
|
conn "pf0348890d-sphynx3_1-admin-reseau172"
|
39
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
40
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
41
|
left = 212.51.190.245
|
42
|
leftsubnet = "10.34.199.0/24"
|
43
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
44
|
rightid = "C=FR, L=montpellier, O=Education Nationale, OU=ac-montpellier, OU=0002 110043015, CN=sphynx-PNCN.ac-montpellier.fr"
|
45
|
right = 195.83.225.227
|
46
|
rightsubnet = "172.16.0.0/12"
|
47
|
auto=start
|
48
|
#FIN:pf0348890d-sphynx3_1-admin-reseau172
|
49
|
|
50
|
#DEB:pf0348890d-sphynx3_1-admin-reseau_ader
|
51
|
conn "pf0348890d-sphynx3_1-admin-reseau_ader"
|
52
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
53
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
54
|
left = 212.51.190.245
|
55
|
leftsubnet = "10.34.199.0/24"
|
56
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
57
|
rightid = "C=FR, L=montpellier, O=Education Nationale, OU=ac-montpellier, OU=0002 110043015, CN=sphynx-PNCN.ac-montpellier.fr"
|
58
|
right = 195.83.225.227
|
59
|
rightsubnet = "161.48.0.0/19"
|
60
|
auto=start
|
61
|
#FIN:pf0348890d-sphynx3_1-admin-reseau_ader
|
62
|
|
63
|
#DEB:pf0348890d-sphynx3_1-admin-reseau10
|
64
|
conn "pf0348890d-sphynx3_1-admin-reseau10"
|
65
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
66
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
67
|
left = 212.51.190.245
|
68
|
leftsubnet = "10.34.199.0/24"
|
69
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
70
|
rightid = "C=FR, L=montpellier, O=Education Nationale, OU=ac-montpellier, OU=0002 110043015, CN=sphynx-PNCN.ac-montpellier.fr"
|
71
|
right = 195.83.225.227
|
72
|
rightsubnet = "10.0.0.0/8"
|
73
|
auto=start
|
74
|
#FIN:pf0348890d-sphynx3_1-admin-reseau10
|
75
|
|
76
|
#DEB:pf0348890d-sphynx3_1-reseau_rie-admin0
|
77
|
conn "pf0348890d-sphynx3_1-reseau_rie-admin0"
|
78
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
79
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
80
|
left = 212.51.190.245
|
81
|
leftsubnet = "10.34.199.0/24"
|
82
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
83
|
rightid = "C=FR, L=montpellier, O=Education Nationale, OU=ac-montpellier, OU=0002 110043015, CN=sphynx-PNCN.ac-montpellier.fr"
|
84
|
right = 195.83.225.227
|
85
|
rightsubnet = "100.64.0.0/12"
|
86
|
auto=start
|
87
|
#FIN:pf0348890d-sphynx3_1-reseau_rie-admin0
|
88
|
|
89
|
#DEB:pf0348890d-mic-sphynx-cd34_1-pedago-reseau_cd34
|
90
|
conn "pf0348890d-mic-sphynx-cd34_1-pedago-reseau_cd34"
|
91
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
92
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
93
|
left = 212.51.190.245
|
94
|
leftsubnet = "10.134.199.0/24"
|
95
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
96
|
rightid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348888B-01.ac-montpellier.fr"
|
97
|
right = 212.51.190.228
|
98
|
rightsubnet = "172.19.34.0/24"
|
99
|
auto=start
|
100
|
#FIN:pf0348890d-mic-sphynx-cd34_1-pedago-reseau_cd34
|
101
|
|
102
|
#DEB:pf0348890d-mic-sphynx-cd34_1-pedago_wifi-reseau_cd34
|
103
|
conn "pf0348890d-mic-sphynx-cd34_1-pedago_wifi-reseau_cd34"
|
104
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
105
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
106
|
left = 212.51.190.245
|
107
|
leftsubnet = "172.22.72.0/22"
|
108
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
109
|
rightid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348888B-01.ac-montpellier.fr"
|
110
|
right = 212.51.190.228
|
111
|
rightsubnet = "172.19.34.0/24"
|
112
|
auto=start
|
113
|
#FIN:pf0348890d-mic-sphynx-cd34_1-pedago_wifi-reseau_cd34
|
114
|
|
115
|
#DEB:pf0348890d-mic-sphynx-cd34_1-mgt-reseau_cd34
|
116
|
conn "pf0348890d-mic-sphynx-cd34_1-mgt-reseau_cd34"
|
117
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
118
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
119
|
left = 212.51.190.245
|
120
|
leftsubnet = "172.19.199.0/24"
|
121
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
122
|
rightid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348888B-01.ac-montpellier.fr"
|
123
|
right = 212.51.190.228
|
124
|
rightsubnet = "172.19.34.0/24"
|
125
|
auto=start
|
126
|
#FIN:pf0348890d-mic-sphynx-cd34_1-mgt-reseau_cd34
|
127
|
|
128
|
#DEB:pf0348890d-mic-sphynx-cd34_1-admin-reseau_cd34
|
129
|
conn "pf0348890d-mic-sphynx-cd34_1-admin-reseau_cd34"
|
130
|
leftid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348890D-01.ac-montpellier.fr"
|
131
|
leftcert = "0348890D-01.ac-montpellier.fr.pem"
|
132
|
left = 212.51.190.245
|
133
|
leftsubnet = "10.34.199.0/24"
|
134
|
leftupdown = /etc/ipsec.d/ipsec_updown
|
135
|
rightid = "C=FR, L=Montpellier, O=Education Nationale, OU=Academie de Montpellier, OU=0002 110043015, CN=0348888B-01.ac-montpellier.fr"
|
136
|
right = 212.51.190.228
|
137
|
rightsubnet = "172.19.34.0/24"
|
138
|
auto=start
|
139
|
#FIN:pf0348890d-mic-sphynx-cd34_1-admin-reseau_cd34
|
140
|
#personalisation AMON 2.7
|
141
|
include /etc/ipsec.d/conf/*
|
142
|
#
|