|
|
|
@ -1,4 +1,4 @@ |
|
|
|
# $OpenBSD: ipsec.conf,v 1.3 2006/08/24 12:23:30 hshoexer Exp $ |
|
|
|
# $OpenBSD: ipsec.conf,v 1.4 2006/08/24 12:47:37 hshoexer Exp $ |
|
|
|
# |
|
|
|
# See ipsec.conf(5) for syntax and examples. |
|
|
|
|
|
|
|
@ -8,10 +8,10 @@ |
|
|
|
# second between the machines 192.168.3.1 and 192.168.3.2. |
|
|
|
# Use FQDNs as IDs. |
|
|
|
|
|
|
|
ike esp from 10.1.1.0/24 to 10.1.2.0/24 peer 192.168.3.2 \ |
|
|
|
srcid me.mylan.net dstid the.others.net |
|
|
|
ike esp from 192.168.3.1 to 192.168.3.2 \ |
|
|
|
srcid me.mylan.net dstid the.others.net |
|
|
|
#ike esp from 10.1.1.0/24 to 10.1.2.0/24 peer 192.168.3.2 \ |
|
|
|
# srcid me.mylan.net dstid the.others.net |
|
|
|
#ike esp from 192.168.3.1 to 192.168.3.2 \ |
|
|
|
# srcid me.mylan.net dstid the.others.net |
|
|
|
|
|
|
|
# Set up a tunnel using static keying: |
|
|
|
# |
|
|
|
@ -20,7 +20,7 @@ ike esp from 192.168.3.1 to 192.168.3.2 \ |
|
|
|
# and aesctr for encryption. hmac-sha2-256 uses a 256-bit key; aesctr |
|
|
|
# a 160-bit key. |
|
|
|
|
|
|
|
flow esp from 192.168.7.0/24 to 192.168.8.0/24 peer 192.168.3.2 |
|
|
|
esp from 192.168.3.1 to 192.168.3.2 spi 0xdeadbeef:0xbeefdead \ |
|
|
|
authkey 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa \ |
|
|
|
enckey 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee:0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee |
|
|
|
#flow esp from 192.168.7.0/24 to 192.168.8.0/24 peer 192.168.3.2 |
|
|
|
#esp from 192.168.3.1 to 192.168.3.2 spi 0xdeadbeef:0xbeefdead \ |
|
|
|
# authkey 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa \ |
|
|
|
# enckey 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee:0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee |
hshoexer
18 years ago