Annotation of src/etc/iked.conf, Revision 1.3
1.3 ! sobrado 1: # $OpenBSD: iked.conf,v 1.2 2012/05/23 16:41:33 mikeb Exp $
1.1 reyk 2: #
3: # See iked.conf(5) for syntax and examples.
4:
5: # Configure users for the Extensible Authentication Protocol (EAP)
1.3 ! sobrado 6: #user "user1" "password123"
! 7: #user "user2" "password456"
1.1 reyk 8:
9: # Configuration for clients connecting with EAP authentication.
10: # Remember to set up a PKI, see ikectl(8) for more information.
1.3 ! sobrado 11: #ikev2 "win7" passive esp \
! 12: # from 10.1.0.0/24 to 10.2.0.0/24 \
! 13: # local any peer any \
! 14: # eap "mschap-v2" \
! 15: # config address 10.2.0.1 \
! 16: # config name-server 10.1.0.2 \
! 17: # tag "$name-$id"
1.1 reyk 18:
19: # Configuration for a client authenticating with a pre-shared key.
1.3 ! sobrado 20: #ikev2 esp \
! 21: # from 10.3.0.0/24 to 10.1.0.0/24 \
! 22: # from 10.5.0.0/24 to 10.1.0.0/24 \
! 23: # from 10.5.0.0/24 to 172.16.1.0/24 \
! 24: # local 192.168.1.1 peer 192.168.2.1 \
! 25: # psk "you-should-not-use-psk-authentication!"