From 9ce176920849f94b9e7188efa0c6fb6922bfd220 Mon Sep 17 00:00:00 2001
From: hwdsl2 <hwdsl2@users.noreply.github.com>
Date: Fri, 3 Jun 2016 16:44:37 -0500
Subject: [PATCH] Minor improvement to IPsec config

---
 vpnsetup.sh        | 5 ++---
 vpnsetup_centos.sh | 5 ++---
 2 files changed, 4 insertions(+), 6 deletions(-)

diff --git a/vpnsetup.sh b/vpnsetup.sh
index 4278606..f086b9c 100755
--- a/vpnsetup.sh
+++ b/vpnsetup.sh
@@ -197,6 +197,8 @@ conn shared
   dpddelay=30
   dpdtimeout=120
   dpdaction=clear
+  ike=3des-sha1,aes-sha1
+  phase2alg=3des-sha1,aes-sha1
 
 conn l2tp-psk
   auto=add
@@ -204,11 +206,8 @@ conn l2tp-psk
   leftnexthop=%defaultroute
   leftprotoport=17/1701
   rightprotoport=17/%any
-  rightsubnetwithin=0.0.0.0/0
   type=transport
   auth=esp
-  ike=3des-sha1,aes-sha1
-  phase2alg=3des-sha1,aes-sha1
   also=shared
 
 conn xauth-psk
diff --git a/vpnsetup_centos.sh b/vpnsetup_centos.sh
index 5f295d8..ecf7568 100755
--- a/vpnsetup_centos.sh
+++ b/vpnsetup_centos.sh
@@ -207,6 +207,8 @@ conn shared
   dpddelay=30
   dpdtimeout=120
   dpdaction=clear
+  ike=3des-sha1,aes-sha1
+  phase2alg=3des-sha1,aes-sha1
 
 conn l2tp-psk
   auto=add
@@ -214,11 +216,8 @@ conn l2tp-psk
   leftnexthop=%defaultroute
   leftprotoport=17/1701
   rightprotoport=17/%any
-  rightsubnetwithin=0.0.0.0/0
   type=transport
   auth=esp
-  ike=3des-sha1,aes-sha1
-  phase2alg=3des-sha1,aes-sha1
   also=shared
 
 conn xauth-psk