diff options
author | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2000-06-01 19:58:01 +0000 |
---|---|---|
committer | Angelos D. Keromytis <angelos@cvs.openbsd.org> | 2000-06-01 19:58:01 +0000 |
commit | 34d3cdae732e3226872b911bdc04e2e2789f8c21 (patch) | |
tree | 5b65bbd5b54f75513ed8009a7e8aa296a1a10695 /share/man/man8 | |
parent | a0b5f13b266f2b01ec1851b7f5d0b77b1e609931 (diff) |
Oops, errors in the abstract example (vassilip@dsl.cis.upenn.edu)
Diffstat (limited to 'share/man/man8')
-rw-r--r-- | share/man/man8/vpn.8 | 38 |
1 files changed, 19 insertions, 19 deletions
diff --git a/share/man/man8/vpn.8 b/share/man/man8/vpn.8 index 34a3ae65c16..7336ed602d4 100644 --- a/share/man/man8/vpn.8 +++ b/share/man/man8/vpn.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: vpn.8,v 1.38 2000/05/02 22:33:26 ho Exp $ +.\" $OpenBSD: vpn.8,v 1.39 2000/06/01 19:58:00 angelos Exp $ .\" Copyright 1998 Niels Provos <provos@physnet.uni-hamburg.de> .\" All rights reserved. .\" @@ -153,12 +153,12 @@ is ignored by both algorithms. Before the IPSec flows can be defined, two Security Associations (SAs) must be defined on each end of the VPN, e.g.: .Bd -literal -ipsecadm new esp -spi SPI_OUT -src A_EXTERNAL_IP +ipsecadm new esp -spi SPI_AB -src A_EXTERNAL_IP -dst B_EXTERNAL_IP -forcetunnel -enc 3des -auth sha1 -keyfile ENCRYPTION_KEY_FILE -authkeyfile AUTHENTICATION_KEY_FILE -ipsecadm new esp -spi SPI_IN -src B_EXTERNAL_IP +ipsecadm new esp -spi SPI_BA -src B_EXTERNAL_IP -dst A_EXTERNAL_IP -forcetunnel -enc 3des -auth sha1 -keyfile ENCRYPTION_KEY_FILE -authkeyfile AUTHENTICATION_KEY_FILE @@ -183,58 +183,58 @@ tool: .Pp On the security gateway of subnet A: .Bd -literal -ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_AB -proto esp -addr A_EXTERNAL_IP 255.255.255.255 B_EXTERNAL_IP 255.255.255.255 -ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_AB -proto esp -addr A_INTERNAL_NETWORK A_INTERNAL_NETMASK B_INTERNAL_NETWORK B_INTERNAL_NETMASK -ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_AB -proto esp -addr A_EXTERNAL_IP 255.255.255.255 B_INTERNAL_NETWORK B_INTERNAL_NETMASK -ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_AB -proto esp -addr A_INTERNAL_NETWORK A_INTERNAL_NETMASK B_EXTERNAL_IP 255.255.255.255 -ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_IN -proto esp +ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_BA -proto esp -addr B_EXTERNAL_IP 255.255.255.255 A_EXTERNAL_IP 255.255.255.255 -ingress -ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_IN -proto esp +ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_BA -proto esp -addr B_INTERNAL_NETWORK B_INTERNAL_NETMASK A_INTERNAL_NETWORK A_INTERNAL_NETMASK -ingress -ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_BA -proto esp -addr B_EXTERNAL_IP 255.255.255.255 A_INTERNAL_NETWORK A_INTERNAL_NETMASK -ingress -ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_BA -proto esp -addr B_INTERNAL_NETWORK B_INTERNAL_NETMASK A_EXTERNAL_IP 255.255.255.255 -ingress .Ed .Pp and on the security gateway of subnet B: .Bd -literal -ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_IN -proto esp +ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_BA -proto esp -addr B_EXTERNAL_IP 255.255.255.255 A_EXTERNAL_IP 255.255.255.255 -ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_IN -proto esp +ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_BA -proto esp -addr B_INTERNAL_NETWORK B_INTERNAL_NETMASK A_INTERNAL_NETWORK A_INTERNAL_NETMASK -ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_BA -proto esp -addr B_EXTERNAL_IP 255.255.255.255 A_INTERNAL_NETWORK A_INTERNAL_NETMASK -ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst A_EXTERNAL_IP -spi SPI_BA -proto esp -addr B_INTERNAL_NETWORK B_INTERNAL_NETMASK A_EXTERNAL_IP 255.255.255.255 -ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_AB -proto esp -addr A_EXTERNAL_IP 255.255.255.255 B_EXTERNAL_IP 255.255.255.255 -ingress -ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_AB -proto esp -addr A_INTERNAL_NETWORK A_INTERNAL_NETMASK B_INTERNAL_NETWORK B_INTERNAL_NETMASK -ingress -ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_AB -proto esp -addr A_EXTERNAL_IP 255.255.255.255 B_INTERNAL_NETWORK B_INTERNAL_NETMASK -ingress -ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_OUT -proto esp +ipsecadm flow -dst B_EXTERNAL_IP -spi SPI_AB -proto esp -addr A_INTERNAL_NETWORK A_INTERNAL_NETMASK B_EXTERNAL_IP 255.255.255.255 -ingress .Ed |