version 1.3, 2006/08/24 12:23:30 |
version 1.4, 2006/08/24 12:47:37 |
|
|
# second between the machines 192.168.3.1 and 192.168.3.2. |
# second between the machines 192.168.3.1 and 192.168.3.2. |
# Use FQDNs as IDs. |
# Use FQDNs as IDs. |
|
|
ike esp from 10.1.1.0/24 to 10.1.2.0/24 peer 192.168.3.2 \ |
#ike esp from 10.1.1.0/24 to 10.1.2.0/24 peer 192.168.3.2 \ |
srcid me.mylan.net dstid the.others.net |
# srcid me.mylan.net dstid the.others.net |
ike esp from 192.168.3.1 to 192.168.3.2 \ |
#ike esp from 192.168.3.1 to 192.168.3.2 \ |
srcid me.mylan.net dstid the.others.net |
# srcid me.mylan.net dstid the.others.net |
|
|
# Set up a tunnel using static keying: |
# Set up a tunnel using static keying: |
# |
# |
|
|
# and aesctr for encryption. hmac-sha2-256 uses a 256-bit key; aesctr |
# and aesctr for encryption. hmac-sha2-256 uses a 256-bit key; aesctr |
# a 160-bit key. |
# a 160-bit key. |
|
|
flow esp from 192.168.7.0/24 to 192.168.8.0/24 peer 192.168.3.2 |
#flow esp from 192.168.7.0/24 to 192.168.8.0/24 peer 192.168.3.2 |
esp from 192.168.3.1 to 192.168.3.2 spi 0xdeadbeef:0xbeefdead \ |
#esp from 192.168.3.1 to 192.168.3.2 spi 0xdeadbeef:0xbeefdead \ |
authkey 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa \ |
# authkey 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa \ |
enckey 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee:0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee |
# enckey 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee:0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee |