summaryrefslogtreecommitdiff
path: root/sbin/isakmpd/isakmpd.conf.5
AgeCommit message (Expand)Author
2007-03-18Fix usage of predefined lifetimes. "Default-phase-[12]-lifetime"Hans-Joerg Hoexer
2007-02-19tweak;Jason McIntyre
2007-02-19Document NULL encryption.Hans-Joerg Hoexer
2006-11-24add support to tag ipsec traffic belonging to specific IKE-initiatedReyk Floeter
2006-09-15Remove "Delete-SAs" config option. This was needed for interactionHans-Joerg Hoexer
2006-08-30Make SA deletion on shutdown the default again. Use -S for failoverHans-Joerg Hoexer
2006-06-11Document AESCTR for quick mode and SHA2-* for main mode. Help by jmc.Hans-Joerg Hoexer
2006-06-11tweaks;Jason McIntyre
2006-06-10Document -S and the "Delete-SAs" tag. Those will enable SA deletionHans-Joerg Hoexer
2006-06-10Allow isakmpd to use a different private rsa key per isakmp ID. Hans wrote th...Mathieu Sauve-Frankel
2006-05-27document modp3072.Hans-Joerg Hoexer
2006-05-26ipsectl -> ipsecctlJason McIntyre
2006-05-26vpn.8 removal;Jason McIntyre
2006-05-26let us not talk about ipsecadm and vpn anymore; ok reykTheo de Raadt
2005-10-06improve examples and show how to use KEY_LENGTH. Slightly different fix thanHans-Joerg Hoexer
2005-08-23`DSS' is unsupported, so remove references to it;Jason McIntyre
2005-06-11grammar;Jason McIntyre
2005-05-31certpatch is gone, noticed by david@Hans-Joerg Hoexer
2005-05-23Mention interface names can be used in Listen-on. OK hshoexerChad Loder
2005-05-12add some missing section descriptions to make this page a littleJason McIntyre
2005-05-05alphabetically order options within sections;Jason McIntyre
2005-05-05this is not a separate list item;Jason McIntyre
2005-05-05first stab at making this page easier to read:Jason McIntyre
2005-04-06Check-interval and DPD-check-interval are specified in seconds.Chad Loder
2005-02-22fix wrong line break in comment.Moritz Jodeit
2005-01-05kill whitespace;Jason McIntyre
2005-01-05Discourage using aggressive mode.Hans-Joerg Hoexer
2004-12-14Allow the Address, Network, or Netmask values of the <IPsec-ID> to beRyan Thomas McBride
2004-08-10Better implementation of the Dead Peer Detection protocol, RFC 3706.Hakan Olsson
2004-07-08typo, and line adjustment;Jason McIntyre
2004-07-07document -a/-K and "Acquire-Only"/"Use-Keynote".Hans-Joerg Hoexer
2004-06-26new sentence, new line;Jason McIntyre
2004-06-21Describe the [Default]:NAT-T-Keepalive configuration parameter.Hakan Olsson
2004-02-27Add group 14 (modp2048) to predefined suites. Manpage also updated.Hans-Joerg Hoexer
2004-02-26tweak;Jason McIntyre
2004-02-25Add and document configuration options Logverbose and Loglevel. As log.c nowHans-Joerg Hoexer
2003-11-05PFS: Perfect Forward Secrecy (RFC 2409);Jason McIntyre
2003-08-28support AES in phase 1, too. switch to OpenSSL EVP interface;Markus Friedl
2003-08-09new sentence, new line + small cleanup;Jason McIntyre
2003-07-25add sha2 support; ok ho@Markus Friedl
2003-07-09- remove some .Ss's that worked around the old blank line bugJason McIntyre
2003-06-03Remove clauses 3 and 4. With approval from Niklas Hallqvist andHakan Olsson
2003-06-03- section reorderJason McIntyre
2003-05-17tweak;Jason McIntyre
2003-05-16If the "Renegotiate-on-HUP" tag is defined in the [General] section, aHakan Olsson
2003-05-10typos;Jason McIntyre
2003-03-21document [initiator-id] section; richb@timestone.com.au; ok ho@, jmc@Markus Friedl
2003-03-06.Xr typos;Jason McIntyre
2003-03-03Re-add the BUGS section; the RFCs still do not permit differing DH groupsHakan Olsson
2003-02-22Clarify some language, grammar. ho@ okayed this many moons ago,Kjell Wooding