Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
48b0210551
NetBSD/crypto/dist/ipsec-tools
History
christos 71f53a526c From Frank Wille: 
Request "IKE mode config" in "rsasig" (certificates on both sides only)
authentication mode, if "mode_cfg" is configured to "on".
Tested with a Lancom router, using the following configuration:

path include "/etc/racoon";
path certificate "/etc/racoon/certs";
path script "/etc/racoon/scripts";

remote "wpsd"
{
    remote_address 1.2.3.4;
    exchange_mode main,base;

    my_identifier asn1dn;
    certificate_type x509 "vpnclient15.crt" "vpnclient15.key";
    ca_type x509 "ca.crt";

    mode_cfg on;
    dpd_delay 20;
    nat_traversal on;
    lifetime time 8 hour;
    script "phase1-up.sh" phase1_up;
    script "phase1-down.sh" phase1_down;

    proposal {
        encryption_algorithm aes;
        hash_algorithm md5;
        authentication_method rsasig;
        dh_group 2;
    }
    proposal_check obey;
}

sainfo anonymous
{
    pfs_group 2;
    lifetime time 8 hour;
    encryption_algorithm aes;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
}
2016-03-09 22:27:17 +00:00
..
misc
rpm
src From Frank Wille: 2016-03-09 22:27:17 +00:00
.cvsignore
acracoon.m4
bootstrap
ChangeLog.old
configure.ac Add an option --enable-wildcard-match to enable wildcard matching and explain 2013-06-20 15:41:18 +00:00
Makefile.am
netbsd-import.sh
NEWS
package_version.h.in
README

README 

IPsec-tools
===========

This package provides a way to use the native IPsec functionality 
in the Linux 2.6+ kernel. It works as well on NetBSD and FreeBSD.

	- libipsec, a PF_KEYv2 library
	- setkey, a tool to directly manipulate policies and SAs
	- racoon, an IKEv1 keying daemon

IPsec-tools were ported to Linux from the KAME project 
(http://www.kame.net) by Derek Atkins  <derek@ihtfp.com>.

Currently the package is actively maintained and developed by: 
	Emmanuel Dreyfus <manu@netbsd.org>
	VANHULLEBUS Yvan <vanhu@free.fr>
	Matthew Grooms <mgrooms@shrew.net>
	Timo Teräs <timo.teras@iki.fi>

Sources can be found at the IPsec-Tools home page at:
	http://ipsec-tools.sourceforge.net/

And CVS repository is hosted at NetBSD tree:
	cvs -danoncvs@anoncvs.netbsd.org:/cvsroot co ipsec-tools

Bug reports and project wiki is located at:
	https://trac.ipsec-tools.net/

Please report any problems to the mailing list:
	ipsec-tools-devel@lists.sourceforge.net
	ipsec-tools-users@lists.sourceforge.net

You can also browse the list archive:
	http://sf.net/mailarchive/forum.php?forum_name=ipsec-tools-devel

Credits:
	IHTFP Consulting, see http://www.ihtfp.com/
	SUSE Linux AG, see http://www.suse.com/