OpenIKEd

portmaster security/openiked
vim /usr/local/etc/iked.conf
set active
set couple

# --- Brugere til EAP-MSCHAPv2 (lokale konti) ---
user 'user' 'passw0rd12e'

# --- IKEv2-politik for roadwarriors ---
ikev2 "IKEv2-VPN" default passive esp \
  from any to dynamic \
  local vpn.kold.is peer any \
  srcid vpn.kold.is \
  eap "mschap-v2" \
  config address 10.0.1.0/26 \
  config address 2a01:4f8:212:4201::/122 \
  config name-server 9.9.9.9 \
  config name-server 149.112.112.112 \
  config name-server 2620:fe::fe \
  config name-server 2620:fe::9 \
  tag "$name-$id"