|
|
- # $OpenBSD: iked.conf,v 1.1 2010/06/07 10:09:05 reyk Exp $
- #
- # See iked.conf(5) for syntax and examples.
-
- # Configure users for the Extensible Authentication Protocol (EAP)
- user "user1" "password123"
- user "user2" "password456"
-
- # Configuration for clients connecting with EAP authentication.
- # Remember to set up a PKI, see ikectl(8) for more information.
- ikev2 "win7" passive esp \
- from 10.2.0.0/24 to 10.1.0.0/24 \
- local any peer any \
- eap "mschap-v2" \
- config address 10.2.0.1 \
- config name-server 10.1.0.2 \
- tag "$name-$id"
-
- # Configuration for a client authenticating with a pre-shared key.
- ikev2 esp \
- from 10.3.0.0/24 to 10.1.0.0/24 \
- from 10.5.0.0/24 to 10.1.0.0/24 \
- from 10.5.0.0/24 to 172.16.1.0/24 \
- local 192.168.1.1 peer 192.168.2.1 \
- psk "you-should-not-use-psk-authentication!"
|