summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/isakmpd.conf.5
AgeCommit message (Expand)Author
2015-12-09Remove plain DES encryption from IPsec.Christian Weisgerber
2015-01-16Arguments are just ".Ar", not ".Brq Ar" or even ".Ns { Ns Ar ... Ns }".Ingo Schwarze
2012-08-12Use .Lk for HTTP hyperlinks, not .Pa.Ingo Schwarze
2012-06-30enable use of AES-{192,256}-CTR, and explicitly of AES-128-CTR, for IPsec ESPChristian Weisgerber
2011-06-23Use a common text explaining how the various configuration parsers usingStuart Henderson
2010-09-22Support for use of AES-GCM-16 (as AESGCM) and ENCR_NULL_AUTH_AES_GMACMike Belopuhov
2010-06-07make clearer the relationship between isakmpd and ikev1; and iked and ikev2;Jason McIntyre
2008-02-17Define default configurations for AES-192 and AES-256. From Mitja MuzenicHans-Joerg Hoexer
2007-05-31convert to new .Dd format;Jason McIntyre
2007-05-23Get rid of some obsolete exampels.Hans-Joerg Hoexer
2007-03-18Fix usage of predefined lifetimes. "Default-phase-[12]-lifetime"Hans-Joerg Hoexer
2007-02-19tweak;Jason McIntyre
2007-02-19Document NULL encryption.Hans-Joerg Hoexer
2006-11-24add support to tag ipsec traffic belonging to specific IKE-initiatedReyk Floeter
2006-09-15Remove "Delete-SAs" config option. This was needed for interactionHans-Joerg Hoexer
2006-08-30Make SA deletion on shutdown the default again. Use -S for failoverHans-Joerg Hoexer
2006-06-11Document AESCTR for quick mode and SHA2-* for main mode. Help by jmc.Hans-Joerg Hoexer
2006-06-11tweaks;Jason McIntyre
2006-06-10Document -S and the "Delete-SAs" tag. Those will enable SA deletionHans-Joerg Hoexer
2006-06-10Allow isakmpd to use a different private rsa key per isakmp ID. Hans wrote th...Mathieu Sauve-Frankel
2006-05-27document modp3072.Hans-Joerg Hoexer
2006-05-26ipsectl -> ipsecctlJason McIntyre
2006-05-26vpn.8 removal;Jason McIntyre
2006-05-26let us not talk about ipsecadm and vpn anymore; ok reykTheo de Raadt
2005-10-06improve examples and show how to use KEY_LENGTH. Slightly different fix thanHans-Joerg Hoexer
2005-08-23`DSS' is unsupported, so remove references to it;Jason McIntyre
2005-06-11grammar;Jason McIntyre
2005-05-31certpatch is gone, noticed by david@Hans-Joerg Hoexer
2005-05-23Mention interface names can be used in Listen-on. OK hshoexerChad Loder
2005-05-12add some missing section descriptions to make this page a littleJason McIntyre
2005-05-05alphabetically order options within sections;Jason McIntyre
2005-05-05this is not a separate list item;Jason McIntyre
2005-05-05first stab at making this page easier to read:Jason McIntyre
2005-04-06Check-interval and DPD-check-interval are specified in seconds.Chad Loder
2005-02-22fix wrong line break in comment.Moritz Jodeit
2005-01-05kill whitespace;Jason McIntyre
2005-01-05Discourage using aggressive mode.Hans-Joerg Hoexer
2004-12-14Allow the Address, Network, or Netmask values of the <IPsec-ID> to beRyan Thomas McBride
2004-08-10Better implementation of the Dead Peer Detection protocol, RFC 3706.Hakan Olsson
2004-07-08typo, and line adjustment;Jason McIntyre
2004-07-07document -a/-K and "Acquire-Only"/"Use-Keynote".Hans-Joerg Hoexer
2004-06-26new sentence, new line;Jason McIntyre
2004-06-21Describe the [Default]:NAT-T-Keepalive configuration parameter.Hakan Olsson
2004-02-27Add group 14 (modp2048) to predefined suites. Manpage also updated.Hans-Joerg Hoexer
2004-02-26tweak;Jason McIntyre
2004-02-25Add and document configuration options Logverbose and Loglevel. As log.c nowHans-Joerg Hoexer
2003-11-05PFS: Perfect Forward Secrecy (RFC 2409);Jason McIntyre
2003-08-28support AES in phase 1, too. switch to OpenSSL EVP interface;Markus Friedl
2003-08-09new sentence, new line + small cleanup;Jason McIntyre
2003-07-25add sha2 support; ok ho@Markus Friedl