Differences

This shows you the differences between two versions of the page.

doc:uci:ipsec [2013/01/20 19:01]
birnenschnitzel
doc:uci:ipsec [2013/05/05 11:32] (current)
birnenschnitzel
Line 9: Line 9:
^Name^Type^Required^Default^Description^ ^Name^Type^Required^Default^Description^
|zone|string|no|vpn|Firewall zone. Has to match the defined [[doc:howto:vpn.ipsec.firewall#zones|firewall zone]]| |zone|string|no|vpn|Firewall zone. Has to match the defined [[doc:howto:vpn.ipsec.firewall#zones|firewall zone]]|
 +|listen|list|yes|''|Interface that accept VPN traffic (empty for all interfaces, multiple lines for several interfaces)|
==== remote ==== ==== remote ====
Line 18: Line 19:
|gateway|ipaddr|yes|(none)|IP address or FQDN name of the tunnel remote endpoint. | |gateway|ipaddr|yes|(none)|IP address or FQDN name of the tunnel remote endpoint. |
|exchange_mode|string|no|main|Phase 1 negotiation (main, aggressive)| |exchange_mode|string|no|main|Phase 1 negotiation (main, aggressive)|
-|my_identifier|string|no|(none)|identifier for phase 1 | +|local_identifier|string|no|(none)|local identifier for phase 1 | 
-|pre_shared_key|string|yes|(none)|The preshared key for the tunnel|+|remote_identifier|string|no|(none)|remote identifier for phase 1 |
|authentication_method|string|yes|(none)|Phase 1 authentication. Only allowed value ath the moment is psk| |authentication_method|string|yes|(none)|Phase 1 authentication. Only allowed value ath the moment is psk|
-|pre_shared_key|string|no|(none)|The preshared key if authentication is psk|+|pre_shared_key|string|no|(none)|The preshared key for the tunnel if authentication is psk|
|p1_proposal|list|yes|(none)|Name of phase 1 proposal (see below)| |p1_proposal|list|yes|(none)|Name of phase 1 proposal (see below)|
|tunnel|list|yes|(none)|Name of phase 2 section (see below)| |tunnel|list|yes|(none)|Name of phase 2 section (see below)|
Line 30: Line 31:
^Name^Type^Required^Default^Description^ ^Name^Type^Required^Default^Description^
-|encrpytion_algorithm|string|yes|(none)|Phase 1 encryption method (aes128, aes192, aes256, 3des)|+|encryption_algorithm|string|yes|(none)|Phase 1 encryption method (aes128, aes192, aes256, 3des)|
|hash_alogrithm|string|yes|(none)|Phase 1 hash alogrithm (md5,sha1) | |hash_alogrithm|string|yes|(none)|Phase 1 hash alogrithm (md5,sha1) |
|dh_group|string|yes|(none)|Diffie-Hellman exponentiation (modp768, modep1024, ...| |dh_group|string|yes|(none)|Diffie-Hellman exponentiation (modp768, modep1024, ...|

Back to top

doc/uci/ipsec.1358704890.txt.bz2 · Last modified: 2013/01/20 19:01 by birnenschnitzel