From ad9c840c40d923e0fd1b04a57274cc2ec2e381ec Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Sun, 3 Nov 2013 22:25:16 +0100 Subject: Prefer maching on policy rather than marks. Also, use ESP tunnel mode instead of transport mode. --- roles/common/templates/etc/ipsec.conf.j2 | 1 - 1 file changed, 1 deletion(-) (limited to 'roles/common/templates/etc') diff --git a/roles/common/templates/etc/ipsec.conf.j2 b/roles/common/templates/etc/ipsec.conf.j2 index ceed16a..5ac2dd1 100644 --- a/roles/common/templates/etc/ipsec.conf.j2 +++ b/roles/common/templates/etc/ipsec.conf.j2 @@ -27,7 +27,6 @@ conn %default leftfirewall = yes rightauth = pubkey rightca = %same - type = transport auto = start {% for host in groups.all|sort %} -- cgit v1.2.3