User Tools

Site Tools


doc:uci:ipsec

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
doc:uci:ipsec [2013/01/20 19:01]
birnenschnitzel
doc:uci:ipsec [2013/05/05 11:32] (current)
birnenschnitzel
Line 9: Line 9:
 ^Name^Type^Required^Default^Description^ ^Name^Type^Required^Default^Description^
 |zone|string|no|vpn|Firewall zone. Has to match the defined [[doc:​howto:​vpn.ipsec.firewall#​zones|firewall zone]]| |zone|string|no|vpn|Firewall zone. Has to match the defined [[doc:​howto:​vpn.ipsec.firewall#​zones|firewall zone]]|
 +|listen|list|yes|''​|Interface that accept VPN traffic (empty for all interfaces, multiple lines for several interfaces)|
  
 ==== remote ==== ==== remote ====
Line 18: Line 19:
 |gateway|ipaddr|yes|(none)|IP address or FQDN name of the tunnel remote endpoint. | |gateway|ipaddr|yes|(none)|IP address or FQDN name of the tunnel remote endpoint. |
 |exchange_mode|string|no|main|Phase 1 negotiation (main, aggressive)| ​ |exchange_mode|string|no|main|Phase 1 negotiation (main, aggressive)| ​
-|my_identifier|string|no|(none)|identifier for phase 1 | +|local_identifier|string|no|(none)|local identifier for phase 1 | 
-|pre_shared_key|string|yes|(none)|The preshared key for the tunnel|+|remote_identifier|string|no|(none)|remote identifier ​for phase 1 |
 |authentication_method|string|yes|(none)|Phase 1 authentication. Only allowed value ath the moment is psk| |authentication_method|string|yes|(none)|Phase 1 authentication. Only allowed value ath the moment is psk|
-|pre_shared_key|string|no|(none)|The preshared key if authentication is psk|+|pre_shared_key|string|no|(none)|The preshared key for the tunnel ​if authentication is psk|
 |p1_proposal|list|yes|(none)|Name of phase 1 proposal (see below)| |p1_proposal|list|yes|(none)|Name of phase 1 proposal (see below)|
 |tunnel|list|yes|(none)|Name of phase 2 section (see below)| |tunnel|list|yes|(none)|Name of phase 2 section (see below)|
Line 30: Line 31:
  
 ^Name^Type^Required^Default^Description^ ^Name^Type^Required^Default^Description^
-|encrpytion_algorithm|string|yes|(none)|Phase 1 encryption method (aes128, aes192, aes256, 3des)|+|encryption_algorithm|string|yes|(none)|Phase 1 encryption method (aes128, aes192, aes256, 3des)|
 |hash_alogrithm|string|yes|(none)|Phase 1 hash alogrithm (md5,sha1) | |hash_alogrithm|string|yes|(none)|Phase 1 hash alogrithm (md5,sha1) |
 |dh_group|string|yes|(none)|Diffie-Hellman exponentiation (modp768, modep1024, ...| |dh_group|string|yes|(none)|Diffie-Hellman exponentiation (modp768, modep1024, ...|
doc/uci/ipsec.1358704890.txt.bz2 · Last modified: 2013/01/20 19:01 by birnenschnitzel