wallenstein/algo
1
0
Fork 0
mirror of https://github.com/trailofbits/algo.git synced 2025-08-14 00:33:02 +02:00
Code Issues Projects Releases Wiki Activity

Update ipsec.conf.j2

Browse source 
Enable rekey=yes, change to reauth=no, specify SA lifetime and IKE_SA lifetimes to 2h and 12h (previously 20min as per mobileconfig).
This commit is contained in:
TC1977 2018-11-20 11:34:46 -05:00 committed by GitHub
parent d8b318b59a
commit 09ec0650b0
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
roles/vpn/templates/ipsec.conf.j2
View file

@ -4,11 +4,14 @@ config setup
conn %default
fragmentation=yes
rekey=no
rekey=yes
reauth=no
dpdaction=clear
keyexchange=ikev2
compress=yes
dpddelay=35s
lifetime=2h
ikelifetime=12h
{% if algo_windows %}
ike={{ ciphers.compat.ike }}