[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: isakmpd/x509 - 'default-phase-1-id' required? (user-fqdn)
- To: misc_(_at_)_openbsd_(_dot_)_org
- Subject: Re: isakmpd/x509 - 'default-phase-1-id' required? (user-fqdn)
- From: jared r r spiegel <jrrs_(_at_)_ice-nine_(_dot_)_org>
- Date: Thu, 8 Sep 2005 10:51:51 -0600
- Mail-followup-to: jared r r spiegel <jrrs_(_at_)_ice-nine_(_dot_)_org>, misc_(_at_)_openbsd_(_dot_)_org
On Thu, Sep 08, 2005 at 07:25:52AM -0600, jared r r spiegel wrote:
mis-format on the two configs, please split them thus:
> -[peer a]----------------------------------------
> [general]
> #default-phase-1-id= id1hklocal
>
> [phase 2]
> connections= cx
>
> [id1p54c]
> id-type= user_fqdn
> name= p54c_(_at_)_vpn_(_dot_)_nodeless_(_dot_)_net
>
> [id1hklocal]
> id-type= user_fqdn
> name= hklocal_(_at_)_vpn_(_dot_)_nodeless_(_dot_)_net
>
> [cx]
> phase= 2
> isakmp-peer= peerp54c
> configuration= poo
> local-id= id2hklocal
> remote-id= id2p54c
>
> [peerp54c]
> phase= 1
> address= 67.50.143.54
> id= id1hklocal
> remote-id= id1p54c
>
> [id2p54c]
> id-type= ipv4_addr
> address= 172.16.4.1
>
> [id2hklocal]
> id-type= ipv4_addr
> address= 172.16.7.30
>
> [poo]
> exchange_type= quick_mode
> suites= qm-esp-aes-sha2-512-pfs-grp14-suite
-[peer b]----
> [general]
> #default-phase-1-id= id1p54c
>
> [phase 2]
> Connections= cx
>
> [id1p54c]
> id-type= user_fqdn
> Name= p54c_(_at_)_vpn_(_dot_)_nodeless_(_dot_)_net
>
> [id1hklocal]
> id-type= user_fqdn
> name= hklocal_(_at_)_vpn_(_dot_)_nodeless_(_dot_)_net
>
> [cx]
> phase= 2
> isakmp-peer= peerhklocal
> configuration= poo
> local-id= id2p54c
> remote-id= id2hklocal
>
> [peerhklocal]
> phase= 1
> address= 67.139.90.84
> id= id1p54c
> remote-id= id1hklocal
>
> [id2p54c]
> id-type= ipv4_addr
> address= 172.16.4.1
>
> [id2hklocal]
> id-type= ipv4_addr
> address= 172.16.7.30
>
> [poo]
> exchange_type= quick_mode
> suites= qm-esp-aes-sha2-512-pfs-grp14-suite
> -------------------------------------------------
Visit your host, monkey.org