conn %default keyexchange=ikev2 ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 eap_identity=%any reauth=no # The primary University VPN service. # conn CAM left=%any leftid="username@cam.ac.uk" leftauth=eap leftsourceip=%config leftfirewall=yes # right="vpn.uis.cam.ac.uk" rightid="CN=vpn.uis.cam.ac.uk" rightcert=/etc/ipsec.d/certs/vpn-server-cert.crt rightsubnet=0.0.0.0/0 # auto=add # The Managed VPN Service for your Institution # # This section should only be included if you are using a managed VPN. # Changed "BOTOLPHS" to the name of your institution. # # This section can be duplicated, if you use multiple managed VPNs, but a # different name must be used for each, to distinguish them when # connecting. # #conn BOTOLPHS # left=%any # leftid="username@cam.ac.uk" # leftauth=eap # leftsourceip=%config # leftfirewall=yes # # # # 1. Replace "vpn.botolophs.cam.ac.uk" with the hostname of the particular service. # # 2. Replace "botolphs-vpn.crt" with the filename of the downloaded certificate (the # # filename needs to match the one used in the "Certificate" section, below). # # # right="vpn.botolphs.cam.ac.uk" # rightid="CN=vpn.botolphs.cam.ac.uk" # rightcert=/etc/ipsec.d/certs/botolphs-vpn.crt # rightsubnet=0.0.0.0/0 # # # auto=add