|
|
@ -1,4 +1,4 @@ |
|
|
# $OpenBSD: ipsec.conf,v 1.1 2005/12/24 15:44:12 hshoexer Exp $ |
|
|
|
|
|
|
|
|
# $OpenBSD: ipsec.conf,v 1.2 2006/03/07 09:08:30 jmc Exp $ |
|
|
# |
|
|
# |
|
|
# See ipsec.conf(5) for syntax and examples. |
|
|
# See ipsec.conf(5) for syntax and examples. |
|
|
|
|
|
|
|
|
@ -15,10 +15,10 @@ ike esp from 192.168.3.1 to 192.168.3.2 \ |
|
|
|
|
|
|
|
|
# Set up a tunnel using static keying: |
|
|
# Set up a tunnel using static keying: |
|
|
# |
|
|
# |
|
|
# The first rules sets up the flow, second the SA. As default |
|
|
|
|
|
# transforms ipsecctl(8) will use hmac-sha2-256 for authentication |
|
|
|
|
|
# and aesctr for encryption. hmac-sha2-256 uses a 256 bit key, aesctr |
|
|
|
|
|
# a 160 bit key. |
|
|
|
|
|
|
|
|
# The first rule sets up the flow; the second sets up the SA. As default |
|
|
|
|
|
# transforms, ipsecctl(8) will use hmac-sha2-256 for authentication |
|
|
|
|
|
# and aesctr for encryption. hmac-sha2-256 uses a 256-bit key; aesctr |
|
|
|
|
|
# a 160-bit key. |
|
|
|
|
|
|
|
|
flow esp from 192.168.7.0/24 to 192.168.8.0/24 peer 192.168.3.2 |
|
|
flow esp from 192.168.7.0/24 to 192.168.8.0/24 peer 192.168.3.2 |
|
|
esp from 192.168.3.1 to 192.168.3.2 spi 0xdeadbeef:0xbeefdead \ |
|
|
esp from 192.168.3.1 to 192.168.3.2 spi 0xdeadbeef:0xbeefdead \ |
|
|
|
jmc
18 years ago