Gitiles
Code Review Sign In
gerrit.opencord.org / ansible / role / strongswan
Clone this repo:

Branches

  1. 6547fdf Remove gitreview by Zack Williams · 2 years, 4 months ago master
  2. 25979e2 add optional per-connection dpd/close actions by Zack Williams · 2 years, 4 months ago
  3. f7cfb4f Make role multiplatform by Zack Williams · 2 years, 8 months ago
  4. 75b9b2a Update metadata for Ansible galaxy support by Wei-Yu Chen · 2 years, 8 months ago
  5. 2c0a0e3 AETHER-3110 Make keyingtries configurable by Hyunsun Moon · 2 years, 10 months ago

strongSwan

strongSwan IPSec VPN daemon

Requirements

Requires BIRD to be installed if the VPNs are dynamic route based.

Minimum ansible version: 2.9.5

Examples

Example: policy-based VPN

strongswan_conf_install_routes: yes
strongswan_conf_connections:
  - name: tunnel1
    psk: secret
    left: 10.0.0.3
    leftid: 128.105.144.189
    left_subnets: 0.0.0.0/0
    right: 34.124.6.243
    right_subnets: 0.0.0.0/0

Example: dynamic route-based VPN

strongswan_conf_connections:
  - name: tunnel1
    vti:
      local: 169.254.0.2/30
      remote: 169.254.0.1/30
    psk: secret
    left: 10.0.0.3
    leftid: 128.105.144.189
    left_subnets: 0.0.0.0/0
    right: 34.124.6.243

Example: playbook

- hosts: all
  vars:
  roles:
    - bird
    - strongswan

License and Author

© 2020 Open Networking Foundation support@opennetworking.org

License: Apache-2.0