Differences

This shows you the differences between two versions of the page.

doc:uci:racoon [2012/12/21 16:12]
miceliux
doc:uci:racoon [2013/04/10 20:05] (current)
xenophonf corrected typo
Line 11: Line 11:
|debug|boolean|no|0|Activate racoon debugging if set to 1| |debug|boolean|no|0|Activate racoon debugging if set to 1|
|listen|list|no|(not set)|List which interfaces racoon should listen on. Uses all interfaces if not set.| |listen|list|no|(not set)|List which interfaces racoon should listen on. Uses all interfaces if not set.|
-|zone|string|no|vpn|Firewall zone. Has to match the defined [[doc:howto:vpn.ipsec.firewall#zones|firewall zone]]| +|zone|string|no|vpn|Firewall zone. Has to match the defined [[doc:howto:vpn.ipsec.firewall.racoon#zones|firewall zone]]| 
-|dns|string|no|(none)|IP address of DNS server published to [[[[doc:howto:vpn.ipsec.roadwarrior#naming.services|road warrior]] clients| +|dns|string|no|(none)|IP address of DNS server published to [[[[doc:howto:vpn.ipsec.roadwarrior.racoon#naming.services|road warrior]] clients| 
-|domain|string|no|(none)|Domain name assigned to virtual network interface of [[[[doc:howto:vpn.ipsec.roadwarrior#naming.services|road warrior]] clients|+|domain|string|no|(none)|Domain name assigned to virtual network interface of [[[[doc:howto:vpn.ipsec.roadwarrior.racoon#naming.services|road warrior]] clients|
Line 22: Line 22:
^Name^Type^Required^Default^Description^ ^Name^Type^Required^Default^Description^
|enabled|boolean|yes|(none)|Configuration is enabled or not| |enabled|boolean|yes|(none)|Configuration is enabled or not|
-|remote|ipaddr|yes|(none)|IP address or FQDN name of the tunnel remote endpoint. Use **anonymous** for [[doc:howto:vpn.ipsec.roadwarrior|road warrior]] setup|+|remote|ipaddr|yes|(none)|IP address or FQDN name of the tunnel remote endpoint. Use **anonymous** for [[doc:howto:vpn.ipsec.roadwarrior.racoon|road warrior]] setup|
|remote_device|string|no|(none)|setting used for optimise racoon.conf generation when remote peer is Cisco ASA| |remote_device|string|no|(none)|setting used for optimise racoon.conf generation when remote peer is Cisco ASA|
|exchange_mode|string|yes|(none)|Phase 1 negotiation (main, aggressive)| |exchange_mode|string|yes|(none)|Phase 1 negotiation (main, aggressive)|
Line 39: Line 39:
^Name^Type^Required^Default^Description^ ^Name^Type^Required^Default^Description^
|lifetime|integer|no|28800|Lifetime of phase 1 in seconds| |lifetime|integer|no|28800|Lifetime of phase 1 in seconds|
-|encrpytion_algorithm|string|yes|(none)|Phase 1 encryption method (aes 128, aes 192, aes 256, 3des)|+|encryption_algorithm|string|yes|(none)|Phase 1 encryption method (aes 128, aes 192, aes 256, 3des)|
|hash_alogrithm|string|yes|(none)|Phase 1 hash alogrithm (md5,sha1) | |hash_alogrithm|string|yes|(none)|Phase 1 hash alogrithm (md5,sha1) |
-|authentication_method|string|yes|(none)|Allowed values [[doc:howto:vpn.ipsec.site2site|pre_shared_key]], [[doc:howto:vpn.ipsec.certificates|rsasig]], [[doc:howto:vpn.ipsec.roadwarrior|xauth_psk_server]] or [[doc:howto:vpn.ipsec.roadwarriorcertificates|xauth_rsa_server]] |+|authentication_method|string|yes|(none)|Allowed values [[doc:howto:vpn.ipsec.site2site.racoon|pre_shared_key]], [[doc:howto:vpn.ipsec.certificates.racoon|rsasig]], [[doc:howto:vpn.ipsec.roadwarrior.racoon|xauth_psk_server]] or [[doc:howto:vpn.ipsec.roadwarriorcertificates.racoon|xauth_rsa_server]] |
|dh_group|string|yes|(none)|Diffie-Hellman exponentiation (either number 2,5,... or name modp768,...| |dh_group|string|yes|(none)|Diffie-Hellman exponentiation (either number 2,5,... or name modp768,...|
Line 51: Line 51:
|local_subnet|subnet|yes|(none)|Local network| |local_subnet|subnet|yes|(none)|Local network|
|remote_subnet|subnet|yes|(none)|Remote network| |remote_subnet|subnet|yes|(none)|Remote network|
-|local_nat|subnet|no|(none)|NAT range for tunnels with [[doc:howto:vpn.ipsec.overlappingsubnets|overlapping IP addresses]]|+|local_nat|subnet|no|(none)|NAT range for tunnels with [[doc:howto:vpn.ipsec.overlappingsubnets.racoon|overlapping IP addresses]]|
|p2_proposal|string|yes|(none)|link to phase 2 proposal| |p2_proposal|string|yes|(none)|link to phase 2 proposal|
Line 74: Line 74:
===== Examples ===== ===== Examples =====
-Example 1 taken from the [[doc:howto:vpn.ipsec.site2site|IPSec site to site howto]].+Example 1 taken from the [[doc:howto:vpn.ipsec.site2site.racoon|IPSec site to site howto]].
<code> <code>
Line 115: Line 115:
-Example 2 taken from the [[doc:howto:vpn.ipsec.certificates|IPSec with certificates howto]].+Example 2 taken from the [[doc:howto:vpn.ipsec.certificates.racoon|IPSec with certificates howto]].
<code> <code>

Back to top

doc/uci/racoon.1356102729.txt.bz2 · Last modified: 2012/12/21 16:12 (external edit)