summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/samples
diff options
context:
space:
mode:
authorNiklas Hallqvist <niklas@cvs.openbsd.org>2000-11-23 12:56:26 +0000
committerNiklas Hallqvist <niklas@cvs.openbsd.org>2000-11-23 12:56:26 +0000
commitb4a20c03d3c3cef5bbb260cc931e1b4217d51fe7 (patch)
tree0b009367443fa370a2c56b6769416c2d1beff68f /sbin/isakmpd/samples
parent42b2c2b050c7617bac2ebc3684b81226b0aa9d43 (diff)
samples/singlehost-east.conf: Merge with EOM 1.10
samples/singlehost-west.conf: Merge with EOM 1.10 samples/singlehost-setup.sh: Merge with EOM 1.3 author: niklas use networks that fits me better
Diffstat (limited to 'sbin/isakmpd/samples')
-rw-r--r--sbin/isakmpd/samples/singlehost-east.conf21
-rw-r--r--sbin/isakmpd/samples/singlehost-setup.sh30
-rw-r--r--sbin/isakmpd/samples/singlehost-west.conf21
3 files changed, 37 insertions, 35 deletions
diff --git a/sbin/isakmpd/samples/singlehost-east.conf b/sbin/isakmpd/samples/singlehost-east.conf
index 3551233ea94..f0afc46f047 100644
--- a/sbin/isakmpd/samples/singlehost-east.conf
+++ b/sbin/isakmpd/samples/singlehost-east.conf
@@ -1,14 +1,15 @@
-# $OpenBSD: singlehost-east.conf,v 1.9 2000/10/09 23:27:30 niklas Exp $
-# $EOM: singlehost-east.conf,v 1.9 2000/10/09 22:08:30 angelos Exp $
+# $OpenBSD: singlehost-east.conf,v 1.10 2000/11/23 12:56:25 niklas Exp $
+# $EOM: singlehost-east.conf,v 1.10 2000/11/23 12:24:43 niklas Exp $
# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon.
[General]
-Listen-on= 10.1.0.2
+Listen-on= 10.1.0.12
Shared-SADB= Defined
+Policy-File= policy
[Phase 1]
-10.1.0.1= ISAKMP-peer-west
+10.1.0.11= ISAKMP-peer-west
Default= ISAKMP-peer-west-aggressive
[Phase 2]
@@ -17,16 +18,16 @@ Connections= IPsec-east-west
[ISAKMP-peer-west]
Phase= 1
Transport= udp
-Local-address= 10.1.0.2
-Address= 10.1.0.1
+Local-address= 10.1.0.12
+Address= 10.1.0.11
Configuration= Default-main-mode
Authentication= mekmitasdigoat
[ISAKMP-peer-west-aggressive]
Phase= 1
Transport= udp
-Local-address= 10.1.0.2
-Address= 10.1.0.1
+Local-address= 10.1.0.12
+Address= 10.1.0.11
Configuration= Default-aggressive-mode
Authentication= mekmitasdigoat
@@ -39,12 +40,12 @@ Remote-ID= Net-west
[Net-west]
ID-type= IPV4_ADDR_SUBNET
-Network= 192.168.1.0
+Network= 192.168.11.0
Netmask= 255.255.255.0
[Net-east]
ID-type= IPV4_ADDR_SUBNET
-Network= 192.168.2.0
+Network= 192.168.12.0
Netmask= 255.255.255.0
[Default-main-mode]
diff --git a/sbin/isakmpd/samples/singlehost-setup.sh b/sbin/isakmpd/samples/singlehost-setup.sh
index 797727dabf8..378f599902b 100644
--- a/sbin/isakmpd/samples/singlehost-setup.sh
+++ b/sbin/isakmpd/samples/singlehost-setup.sh
@@ -1,30 +1,30 @@
#!/bin/sh
-# $OpenBSD: singlehost-setup.sh,v 1.1 1999/03/31 23:45:53 niklas Exp $
-# $EOM: singlehost-setup.sh,v 1.2 1999/03/31 23:45:16 niklas Exp $
+# $OpenBSD: singlehost-setup.sh,v 1.2 2000/11/23 12:56:25 niklas Exp $
+# $EOM: singlehost-setup.sh,v 1.3 2000/11/23 12:24:43 niklas Exp $
# A script to test single-host VPNs
cleanup () {
ipf -r -f - <<' EOF'
- pass out quick on lo2 proto 50
- pass out quick on lo2 from 192.168.1.0/24 to any
- pass out quick on lo3 proto 50
- pass out quick on lo3 from 192.168.2.0/24 to any
+ pass out quick on lo2 proto 50 all
+ pass out quick on lo2 from 192.168.11.0/24 to any
+ pass out quick on lo3 proto 50 all
+ pass out quick on lo3 from 192.168.12.0/24 to any
block out on lo2
block out on lo3
EOF
}
-ifconfig lo2 192.168.1.1 netmask 0xffffff00
-ifconfig lo3 192.168.2.1 netmask 0xffffff00
-ifconfig lo4 10.1.0.1 netmask 0xffff0000
-ifconfig lo5 10.1.0.2 netmask 0xffff0000
+ifconfig lo2 192.168.11.1 netmask 0xffffff00
+ifconfig lo3 192.168.12.1 netmask 0xffffff00
+ifconfig lo4 10.1.0.11 netmask 0xffff0000
+ifconfig lo5 10.1.0.12 netmask 0xffff0000
ipf -E -f - <<EOF
-pass out quick on lo2 proto 50
-pass out quick on lo2 from 192.168.1.0/24 to any
-pass out quick on lo3 proto 50
-pass out quick on lo3 from 192.168.2.0/24 to any
+pass out quick on lo2 proto 50 all
+pass out quick on lo2 from 192.168.11.0/24 to any
+pass out quick on lo3 proto 50 all
+pass out quick on lo3 from 192.168.12.0/24 to any
block out on lo2
block out on lo3
EOF
@@ -37,6 +37,6 @@ isakmpd -c singlehost-west.conf -f west.fifo "$@"
# Give them some slack...
sleep 10
-ping -I 192.168.1.1 -c 30 192.168.2.1
+ping -I 192.168.11.1 -c 30 192.168.12.1
cleanup
diff --git a/sbin/isakmpd/samples/singlehost-west.conf b/sbin/isakmpd/samples/singlehost-west.conf
index 94e5b720a69..a7b376a419e 100644
--- a/sbin/isakmpd/samples/singlehost-west.conf
+++ b/sbin/isakmpd/samples/singlehost-west.conf
@@ -1,14 +1,15 @@
-# $OpenBSD: singlehost-west.conf,v 1.9 2000/10/09 23:27:30 niklas Exp $
-# $EOM: singlehost-west.conf,v 1.9 2000/10/09 22:08:30 angelos Exp $
+# $OpenBSD: singlehost-west.conf,v 1.10 2000/11/23 12:56:25 niklas Exp $
+# $EOM: singlehost-west.conf,v 1.10 2000/11/23 12:24:43 niklas Exp $
# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon.
[General]
-Listen-on= 10.1.0.1
+Listen-on= 10.1.0.11
Shared-SADB= Defined
+Policy-File= policy
[Phase 1]
-10.1.0.2= ISAKMP-peer-east
+10.1.0.12= ISAKMP-peer-east
Default= ISAKMP-peer-east-aggressive
[Phase 2]
@@ -17,8 +18,8 @@ Connections= IPsec-west-east
[ISAKMP-peer-east]
Phase= 1
Transport= udp
-Local-address= 10.1.0.1
-Address= 10.1.0.2
+Local-address= 10.1.0.11
+Address= 10.1.0.12
Configuration= Default-main-mode
Identification= IPV4_ADDR/10.1.0.1
Authentication= mekmitasdigoat
@@ -26,8 +27,8 @@ Authentication= mekmitasdigoat
[ISAKMP-peer-east-aggressive]
Phase= 1
Transport= udp
-Local-address= 10.1.0.1
-Address= 10.1.0.2
+Local-address= 10.1.0.11
+Address= 10.1.0.12
Configuration= Default-aggressive-mode
Authentication= mekmitasdigoat
@@ -40,12 +41,12 @@ Remote-ID= Net-east
[Net-west]
ID-type= IPV4_ADDR_SUBNET
-Network= 192.168.1.0
+Network= 192.168.11.0
Netmask= 255.255.255.0
[Net-east]
ID-type= IPV4_ADDR_SUBNET
-Network= 192.168.2.0
+Network= 192.168.12.0
Netmask= 255.255.255.0
[Default-main-mode]