Annotation of src/etc/iked.conf, Revision 1.1
1.1 ! reyk 1: # $OpenBSD$
! 2: #
! 3: # See iked.conf(5) for syntax and examples.
! 4:
! 5: # Configure users for the Extensible Authentication Protocol (EAP)
! 6: user "user1" "password123"
! 7: user "user2" "password456"
! 8:
! 9: # Configuration for clients connecting with EAP authentication.
! 10: # Remember to set up a PKI, see ikectl(8) for more information.
! 11: ikev2 "win7" passive esp \
! 12: from 10.2.0.0/24 to 10.1.0.0/24 \
! 13: local any peer any \
! 14: eap "mschap-v2" \
! 15: config address 10.2.0.1 \
! 16: config name-server 10.1.0.2 \
! 17: tag "$name-$id"
! 18:
! 19: # Configuration for a client authenticating with a pre-shared key.
! 20: ikev2 esp \
! 21: from 10.3.0.0/24 to 10.1.0.0/24 \
! 22: from 10.5.0.0/24 to 10.1.0.0/24 \
! 23: from 10.5.0.0/24 to 172.16.1.0/24 \
! 24: local 192.168.1.1 peer 192.168.2.1 \
! 25: psk "you-should-not-use-psk-authentication!"