diff options
Diffstat (limited to 'sbin/isakmpd/isakmpd.conf.5')
| -rw-r--r-- | sbin/isakmpd/isakmpd.conf.5 | 24 |
1 files changed, 15 insertions, 9 deletions
diff --git a/sbin/isakmpd/isakmpd.conf.5 b/sbin/isakmpd/isakmpd.conf.5 index be0f6045ce7..a3248112678 100644 --- a/sbin/isakmpd/isakmpd.conf.5 +++ b/sbin/isakmpd/isakmpd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: isakmpd.conf.5,v 1.32 2000/03/22 04:06:17 angelos Exp $ +.\" $OpenBSD: isakmpd.conf.5,v 1.33 2000/03/23 21:39:56 aaron Exp $ .\" $EOM: isakmpd.conf.5,v 1.38 2000/01/31 08:39:44 niklas Exp $ .\" .\" Copyright (c) 1998, 1999, 2000 Niklas Hallqvist. All rights reserved. @@ -82,7 +82,8 @@ Generic global configuration parameters .It Em Policy-File The name of the file that contains .Xr KeyNote 4 -policies. The default is "/etc/isakmpd/isakmpd.policy". +policies. +The default is "/etc/isakmpd/isakmpd.policy". .It Em Retransmits How many times should a message be retransmitted before giving up. .It Em Check-interval @@ -192,9 +193,11 @@ Authentication data for this specific peer. In the case of preshared key, this is the key value itself. .It Em ID If existent, the name of the section that describes the -local client ID that we should present to our peer. If not present, it +local client ID that we should present to our peer. +If not present, it defaults to the address of the local interface we are sending packets -over to the remote daemon. Look at <Phase1-ID> below. +over to the remote daemon. +Look at <Phase1-ID> below. .It Em Flags A comma-separated list of flags controlling the further handling of the ISAKMP SA. @@ -277,9 +280,11 @@ and The algorithm to use for the keyed pseudo-random function (used for key derivation and authentication in Phase 1), or ANY. .It Em Life -A list of lifetime descriptions, or ANY. In the former case, each +A list of lifetime descriptions, or ANY. +In the former case, each element is in itself a name of the section that defines the lifetime. -Look at <Lifetime> below. If it is set to ANY, then any type of +Look at <Lifetime> below. +If it is set to ANY, then any type of proposed lifetime type and value will be accepted. .El .It Em <Lifetime> @@ -288,10 +293,11 @@ proposed lifetime type and value will be accepted. .Li SECONDS or .Li BYTES -depending on the type of the duration. Notice that this field may NOT -be set to ANY. +depending on the type of the duration. +Notice that this field may NOT be set to ANY. .It Em LIFE_DURATION -An offer/accept kind of value, see above. Can also be set to ANY. +An offer/accept kind of value, see above. +Can also be set to ANY. .El .It Em <IPSec-connection> .Bl -tag -width 12n |