26: Configuring IPSec
_______________________________________________________________________________________________________
_____________________________________________________________________________________________________
© Virtual Access 2017
GW1000 Series User Manual
Issue: 1.9 Page 227 of 350
Web: ID selector
UCI: strongswan.@secret[X].
remoteaddress
Opt: remoteaddress
Defines the remote address this secret applies to.
Web: N/A
UCI: strongswan.@secret[X].userfqnd
Opt: userfqnd
FQDN or Xauth name used of Extended Authentication. This must
match xauth_identity from the configuration connection section.
Web: Secret Type
UCI: strongswan.@secret[X].secrettype
Opt: secrettype
Specifies the authentication mechanism to be used by the two
peers.
Elliptic Curve DSA signatures
Web: Secret
UCI: strongswan.@secret[X].secret
Opt: secret
Table 77: Information table for IPSec secrets settings
26.3 Configuring IPSec using UCI
26.3.1 Common settings
# Commands
touch /etc/config/strongswan
uci set strongswan.general=general
uci set strongswan.general.enabled=yes
uci set strongswan.general.strictcrlpolicy=no
uci set strongswan.general.uniqueids=yes
uci set strongswan.general.cachecrls=no
uci set strongswan.general.debug=none
uci commit
This will create the following output:
config general 'general'
option enabled 'yes'
option strictcrlpolicy 'no'
option uniqueids 'yes'
option cachecrls 'no'
option debug 'none'
To Next Page
Loading...
Need help?
General