algo/roles/strongswan/templates/client_ipsec.conf.j2

conn algovpn-{{ IP_subject_alt_name }}
    fragmentation=yes
    rekey=no
    dpdaction=clear
    keyexchange=ikev2
    compress=no
    dpddelay=35s

    ike={{ ciphers.defaults.ike }}
    esp={{ ciphers.defaults.esp }}

    right={{ IP_subject_alt_name }}
    rightid={{ IP_subject_alt_name }}
    rightsubnet={{ rightsubnet | default('0.0.0.0/0') }}
    rightauth=pubkey

    leftsourceip=%config
    leftauth=pubkey
    leftcert={{ item }}.crt
    leftfirewall=yes
    left=%defaultroute

    auto=add
Refactoring, Linting and additional tests (#1397) * Refactoring, Linting and additional tests * Vultr: Undefined variable and deprecation notes fix * Travis-CI enable linters * Azure: Update python requirements * Update main.yml * Update install.sh * Add missing roles to ansible-lint * Linting for skipped roles * add .ansible-lint config 2019-04-26 15:48:28 +00:00			`conn algovpn-{{ IP_subject_alt_name }}`
unnecessarry to use such way Fixed #162 2016-12-14 16:42:39 +00:00			`fragmentation=yes`
			`rekey=no`
			`dpdaction=clear`
			`keyexchange=ikev2`
disable compression #146 2017-01-14 16:56:23 +00:00			`compress=no`
unnecessarry to use such way Fixed #162 2016-12-14 16:42:39 +00:00			`dpddelay=35s`
client configuration templates #43 2016-10-16 12:27:05 +00:00
New ciphers implementing #247 (#352) Switches to SHA2_512_256 HMAC integrity algorithm and adds cipher compatibility for other platforms. 2017-04-11 20:08:03 +00:00			`ike={{ ciphers.defaults.ike }}`
			`esp={{ ciphers.defaults.esp }}`
Windows RSA support #9 2016-11-26 22:37:17 +00:00
client configuration templates #43 2016-10-16 12:27:05 +00:00			`right={{ IP_subject_alt_name }}`
			`rightid={{ IP_subject_alt_name }}`
Refactoring, Linting and additional tests (#1397) * Refactoring, Linting and additional tests * Vultr: Undefined variable and deprecation notes fix * Travis-CI enable linters * Azure: Update python requirements * Update main.yml * Update install.sh * Add missing roles to ansible-lint * Linting for skipped roles * add .ansible-lint config 2019-04-26 15:48:28 +00:00			`rightsubnet={{ rightsubnet \| default('0.0.0.0/0') }}`
client configuration templates #43 2016-10-16 12:27:05 +00:00			`rightauth=pubkey`

			`leftsourceip=%config`
			`leftauth=pubkey`
Fix name (#411) 2017-04-15 12:57:07 +00:00			`leftcert={{ item }}.crt`
client configuration templates #43 2016-10-16 12:27:05 +00:00			`leftfirewall=yes`
			`left=%defaultroute`

			`auto=add`