OS/2 Shareware BBS: 35 Internet

home *** CD-ROM | disk | FTP | other *** search

/ OS/2 Shareware BBS: 35 Internet / 35-Internet.zip / ijfire14.zip / ipsec.cf_ < prev next >

Wrap

Text File | 2000-03-03 | 4KB | 114 lines

;----------------------------------------------------------------------------- ; IPSEC.CFG ;----------------------------------------------------------------------------- ; ; Location.: Workdir of host product ; ; Purpose..: Define Security Association (SA) bundles for use ; with the IPSec PlugIn. ; ; Syntax...: An SA bundle section begins with a section name ; (in brackets) and ends with two empty brackets "[]". ; ; For security reasons, you must use numeric IP addresses ; and not host names. ; ; Lines starting with ';' denote a comment. ; ; Help.....: IPSec Reference Manual ; ; Errors...: Written to 'IPSEC.LOG' in the workdir ;_____________________________________________________________________________ ;----------------------------------------------------------------------------- ; ; SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE ; ; Transport mode connection between two hosts. ; ;----------------------------------------------------------------------------- [transport] mode = transport local = 195.97.1.40 ; our host remote = 195.97.1.1 ; remote host ah = yes ; ah required esp = yes ; esp required reinit = yes ; IKE negotiations on startup [] ;----------------------------------------------------------------------------- ; ; SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE ; ; Simple VPN case. Two intranets behind gateways. ; ;----------------------------------------------------------------------------- [simpleVPN] mode = tunnel local = 195.97.1.1 ; our gateway localnet = 192.168.3.0 ; local net localmask = 255.255.255.0 ; local mask remote = 194.96.1.1 ; remote gateway remotenet = 192.168.2.0 ; remote net remotemask = 255.255.255.0 ; remote mask ah = yes ; ah required esp = yes ; esp required reinit = yes ; IKE negotiations on startup [] ;----------------------------------------------------------------------------- ; ; SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE ; ; Road Warrior case. ; ; Local end is a Road Warrior (e.g. InJoy Dialer with dynamic IP). ; ; Remote end is an IPSec gateway. ; ;----------------------------------------------------------------------------- [RoadWarrior] mode = tunnel local = 0.0.0.0 ; our host is road warrior remote = 195.97.1.1 ; remote gateway remotenet = 192.168.2.0 ; remote net remotemask = 255.255.255.0 ; remote mask ah = yes esp = yes reinit = yes [] ;----------------------------------------------------------------------------- ; ; SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE SAMPLE ; ; IPSec gateway accepting remote Road Warriors ; (e.g. remote InJoy Dialers) ; ;----------------------------------------------------------------------------- [RWgateway] mode = tunnel local = 195.97.1.1 ; our gateway localnet = 192.168.2.0 ; local net localmask = 255.255.255.0 ; local mask remote = 0.0.0.0 ; all RWs share same secret ah = yes esp = yes reinit = no []