| 1 |
diff -ruN smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/db/ipsec_connections/defaults/L2TPD-PSK/status smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/db/ipsec_connections/defaults/L2TPD-PSK/status |
| 2 |
--- smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/db/ipsec_connections/defaults/L2TPD-PSK/status 1970-01-01 01:00:00.000000000 +0100 |
| 3 |
+++ smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/db/ipsec_connections/defaults/L2TPD-PSK/status 2019-10-13 16:05:56.435030738 +0200 |
| 4 |
@@ -0,0 +1 @@ |
| 5 |
+disabled |
| 6 |
\ No newline at end of file |
| 7 |
diff -ruN smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd |
| 8 |
--- smeserver-libreswan-xl2tpd-0.5.old/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd 2019-10-13 16:01:44.453638751 +0200 |
| 9 |
+++ smeserver-libreswan-xl2tpd-0.5/root/etc/e-smith/templates/etc/ipsec.d/ipsec.conf/20defaultL2tpd 2019-10-13 16:05:56.468032361 +0200 |
| 10 |
@@ -45,6 +45,9 @@ |
| 11 |
$OUT .= " # high port, but propose \"0\" instead of their port.\n"; |
| 12 |
$OUT .= " left=%defaultroute\n"; |
| 13 |
$OUT .= " leftprotoport=17/1701\n"; |
| 14 |
+ $OUT .= " # Permit Ike v1 for older xl2tpd connections/clients\n"; |
| 15 |
+ $OUT .= " ikev2=permit\n"; |
| 16 |
+ |
| 17 |
$OUT .= " # Apple iOS doesn't send delete notify so we need dead peer detection\n"; |
| 18 |
$OUT .= " # to detect vanishing clients\n"; |
| 19 |
|
| 20 |
@@ -62,6 +65,7 @@ |
| 21 |
# Disabled for now - needs some thought |
| 22 |
# Probably only needed if you are doing subnet <-> subnet |
| 23 |
# Most likely not required for dialin |
| 24 |
+ # see https://libreswan.org/man/ipsec.conf.5.html -> leftsubnet |
| 25 |
|
| 26 |
my $rightsubnet = $ipsecDB->get_prop( $ipsecprop, 'rightsubnet' ) || ''; |
| 27 |
if ( $rightsubnet ne '' ) { |
Parent Directory
| 
Revision Log
| 
Revision Graph
