1 .\" $OpenBSD: isakmpd.conf.5,v 1.94 2004/08/10 15:59:10 ho Exp $
2 .\" $EOM: isakmpd.conf.5,v 1.57 2000/12/21 14:43:17 ho Exp $
4 .\" Copyright (c) 1998, 1999, 2000 Niklas Hallqvist. All rights reserved.
5 .\" Copyright (c) 2000, 2001, 2002 Håkan Olsson. All rights reserved.
7 .\" Redistribution and use in source and binary forms, with or without
8 .\" modification, are permitted provided that the following conditions
10 .\" 1. Redistributions of source code must retain the above copyright
11 .\" notice, this list of conditions and the following disclaimer.
12 .\" 2. Redistributions in binary form must reproduce the above copyright
13 .\" notice, this list of conditions and the following disclaimer in the
14 .\" documentation and/or other materials provided with the distribution.
16 .\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17 .\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18 .\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19 .\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20 .\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21 .\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22 .\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23 .\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
27 .\" This code was written under funding by Ericsson Radio Systems.
29 .\" Manual page, using -mandoc macros
36 .Nd configuration file for isakmpd
39 is the configuration file for the
41 daemon managing security association and key management for the
42 IPsec layer of the kernel's networking stack.
44 The file uses the well-known .INI style format, named after
45 the suffix used by an overrated windowing environment for its configuration
47 This format consists of sections, each beginning with a line looking like:
51 Between the brackets is the name of the section following this section header.
52 Inside a section many tag/value pairs can be stored, each one looking like:
56 If the value needs more space than fits on a single line, it is possible to
57 continue it on the next by ending the first with a backslash character
58 immediately before the newline character.
59 This method can extend a value for an arbitrary number of lines.
61 Comments can be put anywhere in the file by using a hash mark
63 The comment extends to the end of the current line.
65 Often the right-hand side values consist of other section names.
66 This results in a tree structure.
67 Some values are treated as a list of several scalar values.
68 Such lists always use a comma character as the separator.
69 Some values are formatted like this: X,Y:Z, which
70 is an offer/accept syntax, where X is a value we offer and Y:Z is a range of
71 accepted values, inclusive.
73 To activate changes to
79 signal to the daemon process.
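As an added example (not code from this page or from isakmpd itself), a small Python parser for the file format just described: sections, tag/value pairs, backslash continuation, hash comments, comma-separated lists and the X,Y:Z offer/accept syntax. The sample input is constructed; its section and tag names are the ones used on this page.

```python
import re

SECTION_RE = re.compile(r'^\[(?P<name>[^\]]+)\]$')
OFFER_RE = re.compile(r'^(?P<offer>\d+),(?P<lo>\d+):(?P<hi>\d+)$')

# Constructed sample (not a real deployment). It exercises every rule of the
# format: comments, a backslash continuation, a list value, an offer/accept
# value and a section name that itself contains '=' characters.
SAMPLE = """\
# Comments run to the end of the line.
[General]
Default-phase-1-lifetime= 3600,60:86400
Default-phase-2-suites= QM-ESP-3DES-SHA-PFS-SUITE, \\
                        QM-ESP-AES-SHA-PFS-SUITE   # joined to the line above

[Phase 1]
10.1.0.1= ISAKMP-peer-west

[asn1_dn//C=SE/L=SomeCity/O=SomeCompany/CN=SomePeer.company.com]
Address= 192.168.1.123
"""


def parse_conf(text):
    """Parse .INI-style text into {section: {tag: value}}."""
    conf, section = {}, None
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        raw = lines[i]
        # A backslash immediately before the newline continues the value on
        # the next line; this may repeat for any number of lines.
        while raw.endswith('\\') and i + 1 < len(lines):
            i += 1
            raw = raw[:-1] + lines[i]
        i += 1
        line = raw.split('#', 1)[0].strip()   # comment extends to end of line
        if not line:
            continue
        m = SECTION_RE.match(line)            # header test runs before '=' split
        if m:
            section = m.group('name')
            conf.setdefault(section, {})
        elif section is None or '=' not in line:
            raise ValueError('malformed or out-of-section line: %r' % line)
        else:
            tag, value = line.split('=', 1)
            conf[section][tag.strip()] = value.strip()
    return conf


def list_value(value):
    """Lists always use a comma separator; surrounding whitespace is ignored."""
    return [item.strip() for item in value.split(',') if item.strip()]


def parse_offer_accept(value):
    """Decode X,Y:Z into (offered X, accepted minimum Y, accepted maximum Z)."""
    m = OFFER_RE.match(value.replace(' ', ''))
    if not m:
        raise ValueError('not an offer/accept value: %r' % value)
    offer, lo, hi = (int(m.group(k)) for k in ('offer', 'lo', 'hi'))
    if not lo <= offer <= hi:
        raise ValueError('offered %d lies outside accepted range %d:%d' % (offer, lo, hi))
    return offer, lo, hi


def acceptable(value, proposed):
    """True if a peer's proposed number lies in our accepted range (inclusive)."""
    _, lo, hi = parse_offer_accept(value)
    return lo <= proposed <= hi
```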
80 .Ss Auto-generated parts of the configuration
82 Some predefined section names are recognized by the daemon, avoiding the need
83 to fully specify the Main Mode transforms and Quick Mode suites, protocols,
88 .Ar {DES,BLF,3DES,CAST,AES}-{MD5,SHA}[-GRP{1,2,5,14}][-{DSS,RSA_SIG}]
93 .Ar QM-{proto}[-TRP]-{cipher}[-{hash}][-PFS[-{group}]]-SUITE
97 {proto} is either ESP or AH
98 {cipher} is either DES, 3DES, CAST, BLF or AES
99 {hash} is either MD5, SHA, RIPEMD, SHA2-{256,384,512}
100 {group} is either GRP1, GRP2, GRP5 or GRP14
103 For example, 3DES-SHA means: 3DES encryption, SHA hash, and authorization by
105 Similarly, QM-ESP-3DES-SHA-PFS-SUITE means: ESP protocol, 3DES encryption,
106 SHA hash, and use Perfect Forward Secrecy.
108 Unless explicitly stated with -GRP1, 2, 5 or 14 transforms and PFS suites
110 There are currently no predefined ESP+AH Quick Mode suites.
112 The predefinitions include some default values for the special
113 sections "General", "Keynote", "X509-certificates", and
114 "Default-phase-1-configuration".
115 These default values are presented in the example below.
117 All autogenerated values can be overridden by manual entries by using the
118 same section and tag names in the configuration file.
119 In particular, the default phase 1 (Main or Aggressive Mode) and phase 2
120 (Quick Mode) lifetimes can be overridden by these tags under the "General"
124 Default-phase-1-lifetime= 3600,60:86400
125 Default-phase-2-lifetime= 1200,60:86400
128 The Main Mode lifetime currently defaults to one hour (minimum 60
129 seconds, maximum 1 day).
130 The Quick Mode lifetime defaults to 20 minutes
131 (minimum 60 seconds, maximum 1 day).
133 Also, the default phase 1 ID can be set by creating a <Phase1-ID>
134 section, as shown below, and adding this tag under the "General"
138 Default-phase-1-ID= Phase1-ID-name
147 Generic global configuration parameters
149 .It Em Default-phase-1-ID
150 Optional default phase 1 ID name.
151 .It Em Default-phase-1-lifetime
152 The default lifetime for autogenerated transforms (phase 1).
153 If unspecified, the value 3600,60:86400 is used as the default.
154 .It Em Default-phase-2-lifetime
155 The default lifetime for autogenerated suites (phase 2).
156 If unspecified, the value 1200,60:86400 is used as the default.
157 .It Em Default-phase-2-suites
158 A list of phase 2 suites that will be used when establishing dynamic
160 If left unspecified, QM-ESP-3DES-SHA-PFS-SUITE is used as the default.
162 If this tag is defined,
164 will not set up flows automatically.
165 This is useful when flows are configured with
167 or by other programs like
171 only takes care of the SA establishment.
172 .It Em Check-interval
173 The interval between watchdog checks of connections we want up at all
175 .It Em DPD-check-interval
176 The interval between RFC 3706 (Dead Peer Detection) messages.
177 The default value is 0 (zero), which means DPD is disabled.
178 .It Em Exchange-max-time
179 How many seconds should an exchange maximally take to set up before we
182 A list of IP-addresses OK to listen on.
183 This list is used as a filter for the set of addresses the interfaces
185 An address listed here that does not exist on this host is therefore silently
186 ignored, and no error is given for that case.
189 .Ar class Ns = Ns Ar level ,
195 This is similar to the
197 command line switch of
203 If this tag is defined, whatever the value is, verbose logging is enabled.
204 This is similar to the
206 command line switch of
211 .It Em NAT-T-Keepalive
212 The number of seconds between NAT-T keepalive messages, sent by the
213 peer behind NAT to keep the mapping active.
216 The name of the file that contains
219 The default is "/etc/isakmpd/isakmpd.policy".
220 .It Em Pubkey-directory
221 The directory in which
223 looks for explicitly trusted public keys.
224 The default is "/etc/isakmpd/pubkeys".
227 for the required naming convention of the files in here.
228 .It Em Renegotiate-on-HUP
229 If this tag is defined, whatever the value is,
231 will renegotiate all current phase 2 SAs when the daemon receives a
235 is sent to the FIFO interface (see
238 How many times a message should be retransmitted before giving up.
240 If this tag is defined, whatever the value is, some semantics of
242 are changed so that multiple instances can run on top of one SADB
243 and set up SAs with each other.
244 Specifically, this means replay
245 protection will not be asked for, and errors that can occur when
246 updating an SA with its parameters a second time will be ignored.
248 This tag controls the use of
253 which enables the policy checking.
254 When set to any other value, policies will not be checked.
255 This is useful when policies for flows and SA establishment are arranged by
262 ISAKMP SA negotiation parameter root
265 A name of the ISAKMP peer at the given IP-address.
267 A name of the default ISAKMP peer.
268 Incoming phase 1 connections from other IP-addresses will use this peer name.
270 This name is used as the section name for further information to be found.
271 Look at <ISAKMP-peer> below.
274 IPsec SA negotiation parameter root
277 A list of directed IPsec "connection" names that should be brought up
278 automatically, either on first use if the system supports it, or at
279 startup of the daemon.
280 These names are section names where further information can be found.
281 Look at <IPsec-connection> below.
282 Normally any connections mentioned here are also treated as part of the
283 "Passive-connections" list described below; the
284 "Active-only" flag disables this behaviour.
285 This flag is described in the <IPsec-connection> section, under the "Flags" tag.
286 .It Em Passive-connections
287 A list of IPsec "connection" names we recognize and accept initiations for.
288 These names are section names where further information can be found.
289 Look at <IPsec-connection> below.
290 Currently only the Local-ID and Remote-ID tags
291 are looked at in those sections, as they are matched against the IDs given
296 .It Em Credential-directory
297 A directory containing directories named after IDs (IP
300 or hostnames) that contain files named
305 The credentials file contains
307 credentials that are sent to a remote IKE daemon when we use the
308 associated ID, or credentials that we may want to consider when doing
309 an exchange with a remote IKE daemon that uses that ID.
310 Note that, in the former case, the last credential in the file
311 MUST contain our public key in its Licensees field.
312 More than one credential may exist in the file.
313 They are separated by blank lines (the format is essentially the same as
314 that of the policy file).
315 The credentials are of the same format as the policies described in
316 .Xr isakmpd.policy 5 .
317 The only difference is that the Authorizer field contains a public
318 key, and the assertion is signed.
319 Signed assertions can be generated using the
323 The private_key file contains the private RSA key we use for
325 If the directory (and the files) exist, they take precedence over X509-based
328 .It Em X509-Certificates
330 .It Em Accept-self-signed
331 If this tag is defined, whatever the value is, certificates that
332 do not originate from a trusted CA but are self-signed will be
335 A directory containing PEM certificates of certification authorities
336 that we trust to sign other certificates.
337 Note that for a CA to be really trusted, it needs to be somehow
338 referred to by policy, in
339 .Xr isakmpd.policy 5 .
340 The certificates in this directory are used for the actual X.509
341 authentication and for cross-referencing policies that refer to
342 Distinguished Names (DNs).
343 Keeping a separate directory (as opposed to integrating policies
344 and X.509 CA certificates) allows for maintenance of a list of
345 "well known" CAs without actually having to trust all (or any) of them.
346 .It Em Cert-directory
347 A directory containing PEM certificates that we trust to be valid.
348 These certificates are used in preference to those passed in messages and
349 are required to have a subjectAltName extension containing the certificate
350 holder identity; usually IP address, FQDN, or User FQDN, as provided by
353 The private key matching the public key of our certificate (which should be
354 in the "Cert-directory", and have an appropriate subjectAltName field).
357 .Ss Referred-to sections
360 Parameters for negotiation with an ISAKMP peer
365 as ISAKMP-peers and IPsec-connections
366 really are handled by the same code inside isakmpd.
368 The name of the transport protocol, defaults to
375 port number to send to.
376 This is optional; the
377 default value is 500, which is the IANA-registered port number for ISAKMP.
379 The Local IP-address to use, if we are multi-homed, or have aliases.
381 If existent, the IP-address of the peer.
383 The name of the ISAKMP-configuration section to use.
384 Look at <ISAKMP-configuration> below.
385 If unspecified, defaults to "Default-phase-1-configuration".
386 .It Em Authentication
387 If existent, authentication data for this specific peer.
388 In the case of preshared key, this is the key value itself.
390 If existent, the name of the section that describes the
391 local client ID that we should present to our peer.
393 defaults to the address of the local interface we are sending packets
394 over to the remote daemon.
395 Look at <Phase1-ID> below.
397 If existent, the name of the section that describes the remote client
398 ID we expect the remote daemon to send us.
399 If not present, it defaults to the address of the remote daemon.
400 Look at <Phase1-ID> below.
402 A comma-separated list of flags controlling the further
403 handling of the ISAKMP SA.
404 Currently there are no specific ISAKMP SA flags defined.
409 The ID type as given by the RFC specifications.
410 For phase 1 this is currently
412 .Li IPV4_ADDR_SUBNET ,
414 .Li IPV6_ADDR_SUBNET ,
424 this tag should exist and be an IP-address.
430 this tag should exist and
431 be a network address.
437 this tag should exist and
438 be a network subnet mask.
445 this tag should exist and contain a domain name, user@domain, or
446 other identifying string respectively.
450 note that the IKE protocol allows any octet sequence to be sent or
451 received under this payload, potentially including non-printable
454 can only transmit printable
456 payloads, but can receive and process arbitrary
459 This effectively means that non-printable
461 remote identities cannot be verified through this means, although it
462 is still possible to do so through
463 .Xr isakmpd.policy 5 .
465 .It Em <ISAKMP-configuration>
468 The domain of interpretation as given by the RFCs.
471 If unspecified, defaults to
474 The exchange type as given by the RFCs.
475 For main mode this is
477 and for aggressive mode it is
480 A list of proposed transforms to use for protecting the
482 These are actually names for sections
483 further describing the transforms.
484 Look at <ISAKMP-transform> below.
486 .It Em <ISAKMP-transform>
488 .It Em ENCRYPTION_ALGORITHM
489 The encryption algorithm as the RFCs name it, or ANY to denote that any
490 encryption algorithm proposed will be accepted.
492 For encryption algorithms with variable key length, this is
493 where the offered/accepted keylengths are described.
494 The value is of the offer-accept kind described above.
495 .It Em HASH_ALGORITHM
496 The hash algorithm as the RFCs name it, or ANY.
497 .It Em AUTHENTICATION_METHOD
498 The authentication method as the RFCs name it, or ANY.
499 .It Em GROUP_DESCRIPTION
500 The group used for Diffie-Hellman exponentiations, or ANY.
501 The names are symbolic, like
502 .Li MODP_768 , MODP_1024 , EC_155
506 The algorithm to use for the keyed pseudo-random function (used for key
507 derivation and authentication in phase 1), or ANY.
509 A list of lifetime descriptions, or ANY.
510 In the former case, each
511 element is in itself a name of the section that defines the lifetime.
512 Look at <Lifetime> below.
513 If it is set to ANY, then any type of
514 proposed lifetime type and value will be accepted.
522 depending on the type of the duration.
523 Notice that this field may NOT be set to ANY.
525 An offer/accept kind of value, see above.
526 Can also be set to ANY.
528 .It Em <IPsec-connection>
533 as ISAKMP-peers and IPsec-connections
534 really are handled by the same code inside isakmpd.
536 The name of the ISAKMP-peer to talk to in order to
537 set up this connection.
538 The value is the name of an <ISAKMP-peer> section.
541 The name of the IPsec-configuration section to use.
542 Look at <IPsec-configuration> below.
544 If existent, the name of the section that describes the
545 optional local client ID that we should present to our peer.
546 It is also used when we act as responders to find out what
547 <IPsec-connection> we are dealing with.
548 Look at <IPsec-ID> below.
550 If existent, the name of the section that describes the
551 optional remote client ID that we should present to our peer.
552 It is also used when we act as responders to find out what
553 <IPsec-connection> we are dealing with.
554 Look at <IPsec-ID> below.
556 A comma-separated list of flags controlling the further
557 handling of the IPsec SA.
558 Currently only one flag is defined:
561 If this flag is given and this <IPsec-connection> is part of the phase 2
562 connections we automatically keep up, it will not automatically be used for
563 accepting connections from the peer.
566 .It Em <IPsec-configuration>
569 The domain of interpretation as given by the RFCs.
572 If unspecified, defaults to
575 The exchange type as given by the RFCs.
576 For quick mode this is
579 A list of protection suites (bundles of protocols) usable for
580 protecting the IP traffic.
581 Each of the list elements is a name of an <IPsec-suite> section.
587 A list of the protocols included in this protection suite.
588 Each of the list elements is a name of an <IPsec-protocol>
592 .It Em <IPsec-protocol>
595 The protocol as given by the RFCs.
596 Acceptable values today are
601 A list of transforms usable for implementing the protocol.
602 Each of the list elements is a name of an <IPsec-transform>
606 The size of the window used for replay protection.
607 This is normally left alone.
612 RFCs for a better description.
614 .It Em <IPsec-transform>
617 The transform ID as given by the RFCs.
618 .It Em ENCAPSULATION_MODE
619 The encapsulation mode as given by the RFCs.
620 This means TRANSPORT or TUNNEL.
621 .It Em AUTHENTICATION_ALGORITHM
622 The optional authentication algorithm in the case of this
623 being an ESP transform.
624 .It Em GROUP_DESCRIPTION
625 An optional (provides PFS if present) Diffie-Hellman group
627 The values are the same as GROUP_DESCRIPTION's
628 in <ISAKMP-transform> sections shown above.
630 List of lifetimes, each element is a <Lifetime> section name.
635 The ID type as given by the RFCs.
636 For IPsec this is currently
641 .Li IPV6_ADDR_SUBNET .
647 this tag should exist and be an IP-address.
653 this tag should exist and
654 be a network address.
660 this tag should exist and
661 be a network subnet mask.
665 .Li IPV4_ADDR_SUBNET ,
669 this tag indicates what transport protocol should be transmitted over
671 If left unspecified, all transport protocols between the two address
672 (ranges) will be sent (or permitted) over that SA.
676 .Li IPV4_ADDR_SUBNET ,
680 this tag indicates what source or destination port is allowed to be
681 transported over the SA (depending on whether this is a local or
683 If left unspecified, all ports of the given transport protocol
684 will be transmitted (or permitted) over the SA.
685 The Protocol tag must be specified in conjunction with this tag.
691 Parameters to use with IKE mode-config.
694 An IKECFG-ID is written as [<ID-type>/<name>].
695 The following ID types are supported:
700 [ipv6/abcd:abcd::ab:cd]
704 [ufqdn/user@foo.bar.org]
706 [asn1_dn//C=aa/O=cc/...] (Note the double slashes as the DN itself
711 Each section specifies what configuration values to return to the peer
712 requesting IKE mode-config.
713 Currently supported values are:
716 The peer's network address.
720 The IP address of a DNS nameserver.
722 The IP address of a WINS server.
724 .It Em <Initiator-ID>
726 During phase 1 negotiation
728 looks for a pre-shared key in the <ISAKMP-peer> section.
729 If no Authentication data is specified in that section, and
731 is not the initiator, it looks for Authentication data in a section named after
732 the initiator's phase 1 ID.
733 This allows mobile users with dynamic IP addresses
734 to have different shared secrets.
736 This only works for aggressive mode because in main mode the remote
737 initiator ID would not yet be known.
739 The name of the <Initiator-ID> section depends on the ID type sent by
741 Currently this can be:
754 .Bl -tag -width /etc/isakmpd/isakmpd.conf
755 .It Pa /etc/isakmpd/isakmpd.conf
759 .It Pa /usr/share/ipsec/isakmpd/
760 A directory containing some sample
765 An example of a configuration file:
767 # A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon.
772 # Incoming phase 1 negotiations are multiplexed on the source IP address
774 10.1.0.1= ISAKMP-peer-west
776 # These connections are walked over after config file parsing and told
777 # to the application layer so that it will inform us when traffic wants to
779 # This means we can do on-demand keying.
781 Connections= IPsec-east-west
783 # Default values are commented out.
787 Local-address= 10.1.0.2
791 #Configuration= Default-phase-1-configuration
792 Authentication= mekmitasdigoat
797 ISAKMP-peer= ISAKMP-peer-west
798 Configuration= Default-quick-mode
804 ID-type= IPV4_ADDR_SUBNET
806 Netmask= 255.255.255.0
809 ID-type= IPV4_ADDR_SUBNET
811 Netmask= 255.255.255.0
813 # Quick mode descriptions
816 EXCHANGE_TYPE= QUICK_MODE
817 Suites= QM-ESP-3DES-SHA-PFS-SUITE,QM-ESP-AES-SHA-PFS-SUITE
819 # Data for an IKE mode-config peer
820 [asn1_dn//C=SE/L=SomeCity/O=SomeCompany/CN=SomePeer.company.com]
821 Address= 192.168.1.123
822 Netmask= 255.255.255.0
823 Nameserver= 192.168.1.10
824 WINS-server= 192.168.1.11
826 # pre-shared key based on initiator's phase 1 ID
828 Authentication= mekmitasdigoat
831 # #####################################################################
832 # All configuration data below this point is not required as the example
833 # uses the predefined Main Mode transform and Quick Mode suite names.
834 # It is included here for completeness. Note the default values for the
835 # [General] and [X509-certificates] sections just below.
836 # #####################################################################
840 Policy-file= /etc/isakmpd/isakmpd.policy
842 Exchange-max-time= 120
844 # KeyNote credential storage
846 Credential-directory= /etc/isakmpd/keynote/
848 # Certificates stored in PEM format
850 CA-directory= /etc/isakmpd/ca/
851 Cert-directory= /etc/isakmpd/certs/
852 CRL-directory= /etc/isakmpd/crls/
853 Private-key= /etc/isakmpd/private/local.key
855 # Default phase 1 description (Main Mode)
857 [Default-phase-1-configuration]
858 EXCHANGE_TYPE= ID_PROT
861 # Main mode transforms
862 ######################
867 ENCRYPTION_ALGORITHM= DES_CBC
869 AUTHENTICATION_METHOD= PRE_SHARED
870 GROUP_DESCRIPTION= MODP_1024
871 Life= Default-phase-1-lifetime
874 ENCRYPTION_ALGORITHM= DES_CBC
876 AUTHENTICATION_METHOD= PRE_SHARED
877 GROUP_DESCRIPTION= MODP_1024
878 Life= Default-phase-1-lifetime
883 ENCRYPTION_ALGORITHM= 3DES_CBC
885 AUTHENTICATION_METHOD= PRE_SHARED
886 GROUP_DESCRIPTION= MODP_1024
887 Life= Default-phase-1-lifetime
892 ENCRYPTION_ALGORITHM= BLOWFISH_CBC
893 KEY_LENGTH= 128,96:192
895 AUTHENTICATION_METHOD= PRE_SHARED
896 GROUP_DESCRIPTION= MODP_1024
897 Life= Default-phase-1-lifetime
899 # Blowfish, using DH group 4 (non-default)
901 ENCRYPTION_ALGORITHM= BLOWFISH_CBC
902 KEY_LENGTH= 128,96:192
904 AUTHENTICATION_METHOD= PRE_SHARED
905 GROUP_DESCRIPTION= EC2N_185
906 Life= Default-phase-1-lifetime
908 # Quick mode protection suites
909 ##############################
914 Protocols= QM-ESP-DES
916 [QM-ESP-DES-PFS-SUITE]
917 Protocols= QM-ESP-DES-PFS
919 [QM-ESP-DES-MD5-SUITE]
920 Protocols= QM-ESP-DES-MD5
922 [QM-ESP-DES-MD5-PFS-SUITE]
923 Protocols= QM-ESP-DES-MD5-PFS
925 [QM-ESP-DES-SHA-SUITE]
926 Protocols= QM-ESP-DES-SHA
928 [QM-ESP-DES-SHA-PFS-SUITE]
929 Protocols= QM-ESP-DES-SHA-PFS
933 [QM-ESP-3DES-SHA-SUITE]
934 Protocols= QM-ESP-3DES-SHA
936 [QM-ESP-3DES-SHA-PFS-SUITE]
937 Protocols= QM-ESP-3DES-SHA-PFS
941 [QM-ESP-AES-SHA-SUITE]
942 Protocols= QM-ESP-AES-SHA
944 [QM-ESP-AES-SHA-PFS-SUITE]
945 Protocols= QM-ESP-AES-SHA-PFS
952 [QM-AH-MD5-PFS-SUITE]
953 Protocols= QM-AH-MD5-PFS
955 # AH + ESP (non-default)
957 [QM-AH-MD5-ESP-DES-SUITE]
958 Protocols= QM-AH-MD5,QM-ESP-DES
960 [QM-AH-MD5-ESP-DES-MD5-SUITE]
961 Protocols= QM-AH-MD5,QM-ESP-DES-MD5
963 [QM-ESP-DES-MD5-AH-MD5-SUITE]
964 Protocols= QM-ESP-DES-MD5,QM-AH-MD5
966 # Quick mode protocols
971 PROTOCOL_ID= IPSEC_ESP
972 Transforms= QM-ESP-DES-XF
975 PROTOCOL_ID= IPSEC_ESP
976 Transforms= QM-ESP-DES-MD5-XF
979 PROTOCOL_ID= IPSEC_ESP
980 Transforms= QM-ESP-DES-MD5-PFS-XF
983 PROTOCOL_ID= IPSEC_ESP
984 Transforms= QM-ESP-DES-SHA-XF
989 PROTOCOL_ID= IPSEC_ESP
990 Transforms= QM-ESP-3DES-SHA-XF
992 [QM-ESP-3DES-SHA-PFS]
993 PROTOCOL_ID= IPSEC_ESP
994 Transforms= QM-ESP-3DES-SHA-PFS-XF
996 [QM-ESP-3DES-SHA-TRP]
997 PROTOCOL_ID= IPSEC_ESP
998 Transforms= QM-ESP-3DES-SHA-TRP-XF
1003 PROTOCOL_ID= IPSEC_ESP
1004 Transforms= QM-ESP-AES-SHA-XF
1006 [QM-ESP-AES-SHA-PFS]
1007 PROTOCOL_ID= IPSEC_ESP
1008 Transforms= QM-ESP-AES-SHA-PFS-XF
1010 [QM-ESP-AES-SHA-TRP]
1011 PROTOCOL_ID= IPSEC_ESP
1012 Transforms= QM-ESP-AES-SHA-TRP-XF
1017 PROTOCOL_ID= IPSEC_AH
1018 Transforms= QM-AH-MD5-XF
1021 PROTOCOL_ID= IPSEC_AH
1022 Transforms= QM-AH-MD5-PFS-XF
1024 # Quick mode transforms
1030 ENCAPSULATION_MODE= TUNNEL
1031 Life= Default-phase-2-lifetime
1035 ENCAPSULATION_MODE= TUNNEL
1036 AUTHENTICATION_ALGORITHM= HMAC_MD5
1037 Life= Default-phase-2-lifetime
1039 [QM-ESP-DES-MD5-PFS-XF]
1041 ENCAPSULATION_MODE= TUNNEL
1042 GROUP_DESCRIPTION= MODP_1024
1043 AUTHENTICATION_ALGORITHM= HMAC_MD5
1044 Life= Default-phase-2-lifetime
1048 ENCAPSULATION_MODE= TUNNEL
1049 AUTHENTICATION_ALGORITHM= HMAC_SHA
1050 Life= Default-phase-2-lifetime
1054 [QM-ESP-3DES-SHA-XF]
1056 ENCAPSULATION_MODE= TUNNEL
1057 AUTHENTICATION_ALGORITHM= HMAC_SHA
1058 Life= Default-phase-2-lifetime
1060 [QM-ESP-3DES-SHA-PFS-XF]
1062 ENCAPSULATION_MODE= TUNNEL
1063 AUTHENTICATION_ALGORITHM= HMAC_SHA
1064 GROUP_DESCRIPTION= MODP_1024
1065 Life= Default-phase-2-lifetime
1067 [QM-ESP-3DES-SHA-TRP-XF]
1069 ENCAPSULATION_MODE= TRANSPORT
1070 AUTHENTICATION_ALGORITHM= HMAC_SHA
1071 Life= Default-phase-2-lifetime
1077 ENCAPSULATION_MODE= TUNNEL
1078 AUTHENTICATION_ALGORITHM= HMAC_SHA
1079 Life= Default-phase-2-lifetime
1081 [QM-ESP-AES-SHA-PFS-XF]
1083 ENCAPSULATION_MODE= TUNNEL
1084 AUTHENTICATION_ALGORITHM= HMAC_SHA
1085 GROUP_DESCRIPTION= MODP_1024
1086 Life= Default-phase-2-lifetime
1088 [QM-ESP-AES-SHA-TRP-XF]
1090 ENCAPSULATION_MODE= TRANSPORT
1091 AUTHENTICATION_ALGORITHM= HMAC_SHA
1092 Life= Default-phase-2-lifetime
1098 ENCAPSULATION_MODE= TUNNEL
1099 AUTHENTICATION_ALGORITHM= HMAC_MD5
1100 Life= Default-phase-2-lifetime
1104 ENCAPSULATION_MODE= TUNNEL
1105 GROUP_DESCRIPTION= MODP_1024
1106 Life= Default-phase-2-lifetime
1110 LIFE_DURATION= 3600,1800:7200
1112 [Sample-Life-Volume]
1113 LIFE_TYPE= KILOBYTES
1114 LIFE_DURATION= 1000,768:1536
1120 .Xr isakmpd.policy 5 ,
1123 The RFCs do not permit differing DH groups in the same proposal for
1124 aggressive and quick mode exchanges.
1125 Mixing both PFS and non-PFS suites in a quick mode proposal is not possible,
1126 as PFS implies using a DH group.
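As an added example (not code from this page or from isakmpd), a Python decoder for the predefined transform and suite names described under "Auto-generated parts of the configuration", plus a check of a Suites= list against the two constraints stated just above: no mixing of PFS and non-PFS suites in one quick mode proposal, and no differing DH groups. The defaults the daemon applies when a name carries no group or authentication suffix are not named on this page, so the decoder reports them as None rather than guessing.

```python
import re

# Phase 1 transform names: {DES,BLF,3DES,CAST,AES}-{MD5,SHA}[-GRP{1,2,5,14}][-{DSS,RSA_SIG}]
PHASE1_RE = re.compile(
    r'^(?P<cipher>DES|BLF|3DES|CAST|AES)-(?P<hash>MD5|SHA)'
    r'(?:-(?P<group>GRP(?:1|2|5|14)))?(?:-(?P<auth>DSS|RSA_SIG))?$')

# Quick Mode suite names: QM-{proto}[-TRP]-{cipher}[-{hash}][-PFS[-{group}]]-SUITE
# AH carries no cipher (e.g. QM-AH-MD5-PFS-SUITE), so the cipher part is optional
# in the pattern and the proto/cipher/hash combination is validated afterwards.
QM_RE = re.compile(
    r'^QM-(?P<proto>ESP|AH)(?P<trp>-TRP)?'
    r'(?:-(?P<cipher>DES|3DES|CAST|BLF|AES))?'
    r'(?:-(?P<hash>MD5|SHA|RIPEMD|SHA2-(?:256|384|512)))?'
    r'(?:-(?P<pfs>PFS)(?:-(?P<group>GRP(?:1|2|5|14)))?)?-SUITE$')


def parse_transform(name):
    """Decode a predefined Main Mode transform name into its parts.
    'group' and 'auth' are None when the name carries no such suffix."""
    m = PHASE1_RE.match(name)
    if not m:
        raise ValueError('not a predefined phase 1 transform name: %r' % name)
    return m.groupdict()


def parse_suite(name):
    """Decode a predefined Quick Mode suite name into its parts.
    Combined ESP+AH names are rejected: the daemon predefines none."""
    m = QM_RE.match(name)
    if not m:
        raise ValueError('not a predefined Quick Mode suite name: %r' % name)
    d = m.groupdict()
    if d['proto'] == 'ESP' and d['cipher'] is None:
        raise ValueError('ESP suite without a cipher: %r' % name)
    if d['proto'] == 'AH' and (d['cipher'] is not None or d['hash'] is None):
        raise ValueError('AH suite must name a hash and no cipher: %r' % name)
    return {
        'proto': d['proto'],
        'transport': d['trp'] is not None,   # -TRP selects transport mode
        'cipher': d['cipher'],
        'hash': d['hash'],
        'pfs': d['pfs'] is not None,
        'group': d['group'],                 # None: the daemon's default group
    }


def check_proposal(suites):
    """Return the problems a Suites= list would have as one quick mode proposal:
    PFS mixed with non-PFS suites, or PFS suites naming different DH groups.
    A PFS suite without an explicit group counts as the single value 'default'."""
    parsed = [parse_suite(s) for s in suites]
    problems = []
    if len({p['pfs'] for p in parsed}) > 1:
        problems.append('mixes PFS and non-PFS suites')
    groups = sorted({p['group'] or 'default' for p in parsed if p['pfs']})
    if len(groups) > 1:
        problems.append('PFS suites use differing DH groups: ' + ', '.join(groups))
    return problems
```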