![[BACK]](/icons/back.gif){kind=icon}
Return to ipsec.conf CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / src / etc|
Return to ipsec.conf CVS log | Up to [local] / src / etc |
| File: [local] / src / etc / Attic / ipsec.conf (download)
Revision 1.4, Thu Aug 24 12:47:37 2006 UTC (17 years, 9 months ago) by hshoexer
Similar to the sample pf.conf, comment out everything. Suggested by okan@demirmen.com, thanks! |
# $OpenBSD: ipsec.conf,v 1.4 2006/08/24 12:47:37 hshoexer Exp $ # # See ipsec.conf(5) for syntax and examples. # Set up two tunnels using automatic keying with isakmpd(8): # # First between the networks 10.1.1.0/24 and 10.1.2.0/24, # second between the machines 192.168.3.1 and 192.168.3.2. # Use FQDNs as IDs. #ike esp from 10.1.1.0/24 to 10.1.2.0/24 peer 192.168.3.2 \ # srcid me.mylan.net dstid the.others.net #ike esp from 192.168.3.1 to 192.168.3.2 \ # srcid me.mylan.net dstid the.others.net # Set up a tunnel using static keying: # # The first rule sets up the flow; the second sets up the SA. As default # transforms, ipsecctl(8) will use hmac-sha2-256 for authentication # and aesctr for encryption. hmac-sha2-256 uses a 256-bit key; aesctr # a 160-bit key. #flow esp from 192.168.7.0/24 to 192.168.8.0/24 peer 192.168.3.2 #esp from 192.168.3.1 to 192.168.3.2 spi 0xdeadbeef:0xbeefdead \ # authkey 0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa:0xaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa \ # enckey 0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee:0xeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee