| version 1.2, 2012/05/23 16:41:33 |
version 1.3, 2013/03/05 14:52:02 |
|
|
| # See iked.conf(5) for syntax and examples. |
# See iked.conf(5) for syntax and examples. |
| |
|
| # Configure users for the Extensible Authentication Protocol (EAP) |
# Configure users for the Extensible Authentication Protocol (EAP) |
| user "user1" "password123" |
#user "user1" "password123" |
| user "user2" "password456" |
#user "user2" "password456" |
| |
|
| # Configuration for clients connecting with EAP authentication. |
# Configuration for clients connecting with EAP authentication. |
| # Remember to set up a PKI, see ikectl(8) for more information. |
# Remember to set up a PKI, see ikectl(8) for more information. |
| ikev2 "win7" passive esp \ |
#ikev2 "win7" passive esp \ |
| from 10.1.0.0/24 to 10.2.0.0/24 \ |
# from 10.1.0.0/24 to 10.2.0.0/24 \ |
| local any peer any \ |
# local any peer any \ |
| eap "mschap-v2" \ |
# eap "mschap-v2" \ |
| config address 10.2.0.1 \ |
# config address 10.2.0.1 \ |
| config name-server 10.1.0.2 \ |
# config name-server 10.1.0.2 \ |
| tag "$name-$id" |
# tag "$name-$id" |
| |
|
| # Configuration for a client authenticating with a pre-shared key. |
# Configuration for a client authenticating with a pre-shared key. |
| ikev2 esp \ |
#ikev2 esp \ |
| from 10.3.0.0/24 to 10.1.0.0/24 \ |
# from 10.3.0.0/24 to 10.1.0.0/24 \ |
| from 10.5.0.0/24 to 10.1.0.0/24 \ |
# from 10.5.0.0/24 to 10.1.0.0/24 \ |
| from 10.5.0.0/24 to 172.16.1.0/24 \ |
# from 10.5.0.0/24 to 172.16.1.0/24 \ |
| local 192.168.1.1 peer 192.168.2.1 \ |
# local 192.168.1.1 peer 192.168.2.1 \ |
| psk "you-should-not-use-psk-authentication!" |
# psk "you-should-not-use-psk-authentication!" |
![[BACK]](/icons/back.gif){kind=icon}
Return to iked.conf CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / etc