strongSwan

= conn <name> =

'''general per connection parameters:'''

• ''ah = ''<algorithms>

• ''also = ''<section name>

• ''auth = '''esp'''|ah''

• ''authby = '''rsasig'''|psk|secret|xauthrsasig|xauthpsk|eap''

• ''auto = '''ignore'''|add|route|start''

• ''compress = yes|'''no'''''

• ''dpdaction = '''none'''|clear|hold|restart''

• ''dpddelay = ''<time>

• ''dpdtimeout = ''<time>

• ''eap = aka|sim''

• ''esp = ''<cipher suites>

• ''ike = ''<cipher suites>

• ''ikelifetime = '''3h'''|''<time>

• ''keyexchange = '''ike'''|ikev1|ikev2''

• ''keyingtries = '''%forever'''''|<number>

• ''keylife = '''1h'''|''<time>

• ''mobike = '''yes'''|no''

• ''modeconfig = push|'''pull'''''

• ''pfs = '''yes'''|no''

• ''reauth = '''yes'''|no''

• ''rekey = '''yes'''|no''

• ''rekeyfuzz = '''100%'''|''<percentage>

• ''rekeymargin = '''9m'''|''<time>

• ''type = '''tunnel'''|transport|passthrough|drop|reject''

• ''xauth = '''client'''|server''

'''left|right end parameters:'''

• ''left|right''

• ''left|rightallowany''

• ''left|rightca''

• ''left|rightcert''

• ''left|rightfirewall''

• ''left|rightgroups''

• ''left|righthostaccess''

• ''left|rightid''

• ''left|rightnexthop''

• ''left|rightprotoport''

• ''left|rightrsasigkey''

• ''left|rightsendcert''

• ''left|rightsourceip''

• ''left|rightsubnet''

• ''left|rightsubnetwithin''

• ''left|rightupdown''