forked from CodeIntelligenceTesting/openiked-portable
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathiked.conf
25 lines (22 loc) · 817 Bytes
/
iked.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# $OpenBSD: iked.conf,v 1.1 2014/07/11 21:20:10 deraadt Exp $
#
# See iked.conf(5) for syntax and examples.
# Configure users for the Extensible Authentication Protocol (EAP)
#user "user1" "password123"
#user "user2" "password456"
# Configuration for clients connecting with EAP authentication.
# Remember to set up a PKI, see ikectl(8) for more information.
#ikev2 "win7" passive esp \
# from 10.1.0.0/24 to 10.2.0.0/24 \
# local any peer any \
# eap "mschap-v2" \
# config address 10.2.0.1 \
# config name-server 10.1.0.2 \
# tag "$name-$id"
# Configuration for a client authenticating with a pre-shared key.
ikev2 esp \
from 10.3.0.0/24 to 10.1.0.0/24 \
from 10.5.0.0/24 to 10.1.0.0/24 \
from 10.5.0.0/24 to 172.16.1.0/24 \
local 192.168.1.1 peer 192.168.2.1 \
psk "you-should-not-use-psk-authentication!"