diff options
author | Othmar Gsenger <otti@anytun.org> | 2008-05-25 09:50:42 +0000 |
---|---|---|
committer | Othmar Gsenger <otti@anytun.org> | 2008-05-25 09:50:42 +0000 |
commit | 71da41451212389bea25d67bc5da696b6d194bff (patch) | |
tree | a3b20decbd8bc9e47640af5fa4b39f731477955a /keyexchange/isakmpd-20041012/samples/VPN-3way-template.conf | |
parent | improved presentation again (diff) |
moved keyexchange to http://anytun.org/svn/keyexchange
Diffstat (limited to 'keyexchange/isakmpd-20041012/samples/VPN-3way-template.conf')
-rw-r--r-- | keyexchange/isakmpd-20041012/samples/VPN-3way-template.conf | 116 |
1 files changed, 0 insertions, 116 deletions
diff --git a/keyexchange/isakmpd-20041012/samples/VPN-3way-template.conf b/keyexchange/isakmpd-20041012/samples/VPN-3way-template.conf deleted file mode 100644 index b64c801..0000000 --- a/keyexchange/isakmpd-20041012/samples/VPN-3way-template.conf +++ /dev/null @@ -1,116 +0,0 @@ -# $OpenBSD: VPN-3way-template.conf,v 1.11 2004/02/11 08:55:22 jmc Exp $ -# $EOM: VPN-3way-template.conf,v 1.8 2000/10/09 22:08:30 angelos Exp $ -# -# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon. -# -# This is a template file of a VPN setup between three nodes in -# a fully meshed 'three-way' configuration. Suggested use is to copy -# this file to all three nodes and then edit them accordingly. -# -# These nodes are initially called XXX, YYY and ZZZ. -# -# In pseudographics: XXX --- YYY -# \ / -# ZZZ -# -# In cases where IP/network addresses should be defined values like -# 192.168.XXX.nnn have been used. -# - -# Incoming phase 1 negotiations are multiplexed on the source IP -# address. In the three-way VPN, we have two possible peers. - -[Phase 1] -192.168.YYY.nnn= ISAKMP-peer-node-YYY -192.168.ZZZ.nnn= ISAKMP-peer-node-ZZZ - -# These connections are walked over after config file parsing and -# told to the application layer so that it will inform us when -# traffic wants to pass over them. This means we can do on-demand -# keying. In the three-way VPN, each node knows two connections. - -[Phase 2] -Connections= IPsec-Conn-XXX-YYY,IPsec-Conn-XXX-ZZZ - -# ISAKMP Phase 1 peer sections -############################## - -[ISAKMP-peer-node-YYY] -Phase= 1 -Transport= udp -Address= 192.168.YYY.nnn -Configuration= Default-main-mode -Authentication= yoursharedsecretwithYYY - -[ISAKMP-peer-node-ZZZ] -Phase= 1 -Transport= udp -Address= 192.168.ZZZ.nnn -Configuration= Default-main-mode -Authentication= yoursharedsecretwithZZZ - -# IPsec Phase 2 sections -######################## - -[IPsec-Conn-XXX-YYY] -Phase= 2 -ISAKMP-peer= ISAKMP-peer-node-YYY -Configuration= Default-quick-mode -Local-ID= MyNet-XXX -Remote-ID= OtherNet-YYY - -[IPsec-Conn-XXX-ZZZ] -Phase= 2 -ISAKMP-peer= ISAKMP-peer-node-ZZZ -Configuration= Default-quick-mode -Local-ID= MyNet-XXX -Remote-ID= OtherNet-ZZZ - -# Client ID sections -#################### - -[MyNet-XXX] -ID-type= IPV4_ADDR_SUBNET -Network= 192.168.XXX.0 -Netmask= 255.255.255.0 - -[OtherNet-YYY] -ID-type= IPV4_ADDR_SUBNET -Network= 192.168.YYY.0 -Netmask= 255.255.255.0 - -[OtherNet-ZZZ] -ID-type= IPV4_ADDR_SUBNET -Network= 192.168.ZZZ.0 -Netmask= 255.255.255.0 - -# -# There is no more node-specific configuration below this point. -# - -# Main mode descriptions - -[Default-main-mode] -DOI= IPSEC -EXCHANGE_TYPE= ID_PROT -Transforms= 3DES-SHA,3DES-MD5 - -[Blowfish-main-mode] -DOI= IPSEC -EXCHANGE_TYPE= ID_PROT -Transforms= BLF-SHA-M1024 - -# Quick mode description -######################## - -[Default-quick-mode] -DOI= IPSEC -EXCHANGE_TYPE= QUICK_MODE -Suites= QM-ESP-AES-SHA-PFS-SUITE - -[Blowfish-quick-mode] -DOI= IPSEC -EXCHANGE_TYPE= QUICK_MODE -Suites= QM-ESP-BLF-SHA-PFS-SUITE -#Suites= QM-ESP-BLF-SHA-SUITE - |