ajout srcid et dstid + rendre plus lisible config

2022-05-10 12:04:48 +02:00 · 2022-05-10 12:04:48 +02:00 · 90cc55a5a9
parent 0cfd514238
commit 90cc55a5a9
1 changed files with 3 additions and 2 deletions
--- a/HowtoIKED.md
+++ b/HowtoIKED.md
@ -64,9 +64,10 @@ remote_network="203.0.113.128/25"
 ikev2 active esp \
    from $local_network to $remote_network \
    local $local_ip peer $remote_ip \
-    ikesa auth hmac-sha2-256 enc aes-256 prf hmac-sha2-256 group modp4096 \
-    childsa auth hmac-sha1 enc aes-256 group modp4096 \
+    ikesa   auth hmac-sha2-256 enc aes-256 group modp4096 prf hmac-sha2-256 \
+    childsa auth hmac-sha1     enc aes-256 group modp4096 \
    ikelifetime 86400 lifetime 3600 \
+    srcid $local_ip dstid $remote_ip \
    psk "PSK-TO-CONFIGURE"
 ~~~