apiVersion: sdewan.akraino.org/v1alpha1
kind: Mwan3RuleIPSecRemote
metadata:
name: example1-rule
spec:
node: node1
gateway:
pre_shared_key:
auth_method:
local_identifier:
remote_identifier:
crypto_proposal: "proposal1"
policyforce_crypto_proposal: balance1true
connection:
- ovn-net1: weight: 2 metric: 2 - ovn-net2: weight: 3 metric: 3 rule: - name: 'https' policy: balance1 dest_ip: 0.0.0.0/0 dest_port: 443 - name: 'http' policy: balance1 dest_ip: 0.0.0.0/0 dest_port: 80type: tunnel/transport
mode:
local_subnet:
local_nat:
local_sourceip:
local_updown:
local_firewall:
remote_subnet:
remote_sourceip:
remote_updown:
remote_firewall:
keyexchange: "ikev2"
inactivity:
crypto_proposal: "proposal1 proposal2"
proposal:
- encryption_algorithm:
hash_algorithm:
dh_group: |