regress/sbin/ipsecctl/ike13.ok


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58

FROM = "{ 2.2.2.0/24, 3.3.3.0/24, 4.4.4.0/24 }"
C set [Phase 1]:1.1.1.1=peer-1.1.1.1 force
C set [peer-1.1.1.1]:Phase=1 force
C set [peer-1.1.1.1]:Address=1.1.1.1 force
C set [peer-1.1.1.1]:Configuration=mm-1.1.1.1 force
C set [mm-1.1.1.1]:EXCHANGE_TYPE=ID_PROT force
C add [mm-1.1.1.1]:Transforms=AES-SHA-GRP15-RSA_SIG force
C set [IPsec-2.2.2.0/24-1.1.1.1]:Phase=2 force
C set [IPsec-2.2.2.0/24-1.1.1.1]:ISAKMP-peer=peer-1.1.1.1 force
C set [IPsec-2.2.2.0/24-1.1.1.1]:Configuration=qm-2.2.2.0/24-1.1.1.1 force
C set [IPsec-2.2.2.0/24-1.1.1.1]:Local-ID=lid-2.2.2.0/24 force
C set [IPsec-2.2.2.0/24-1.1.1.1]:Remote-ID=rid-1.1.1.1 force
C set [qm-2.2.2.0/24-1.1.1.1]:EXCHANGE_TYPE=QUICK_MODE force
C set [qm-2.2.2.0/24-1.1.1.1]:Suites=QM-ESP-AES-SHA2-256-PFS-GRP15-SUITE force
C set [lid-2.2.2.0/24]:ID-type=IPV4_ADDR_SUBNET force
C set [lid-2.2.2.0/24]:Network=2.2.2.0 force
C set [lid-2.2.2.0/24]:Netmask=255.255.255.0 force
C set [rid-1.1.1.1]:ID-type=IPV4_ADDR force
C set [rid-1.1.1.1]:Address=1.1.1.1 force
C add [Phase 2]:Connections=IPsec-2.2.2.0/24-1.1.1.1
C set [Phase 1]:1.1.1.1=peer-1.1.1.1 force
C set [peer-1.1.1.1]:Phase=1 force
C set [peer-1.1.1.1]:Address=1.1.1.1 force
C set [peer-1.1.1.1]:Configuration=mm-1.1.1.1 force
C set [mm-1.1.1.1]:EXCHANGE_TYPE=ID_PROT force
C add [mm-1.1.1.1]:Transforms=AES-SHA-GRP15-RSA_SIG force
C set [IPsec-3.3.3.0/24-1.1.1.1]:Phase=2 force
C set [IPsec-3.3.3.0/24-1.1.1.1]:ISAKMP-peer=peer-1.1.1.1 force
C set [IPsec-3.3.3.0/24-1.1.1.1]:Configuration=qm-3.3.3.0/24-1.1.1.1 force
C set [IPsec-3.3.3.0/24-1.1.1.1]:Local-ID=lid-3.3.3.0/24 force
C set [IPsec-3.3.3.0/24-1.1.1.1]:Remote-ID=rid-1.1.1.1 force
C set [qm-3.3.3.0/24-1.1.1.1]:EXCHANGE_TYPE=QUICK_MODE force
C set [qm-3.3.3.0/24-1.1.1.1]:Suites=QM-ESP-AES-SHA2-256-PFS-GRP15-SUITE force
C set [lid-3.3.3.0/24]:ID-type=IPV4_ADDR_SUBNET force
C set [lid-3.3.3.0/24]:Network=3.3.3.0 force
C set [lid-3.3.3.0/24]:Netmask=255.255.255.0 force
C set [rid-1.1.1.1]:ID-type=IPV4_ADDR force
C set [rid-1.1.1.1]:Address=1.1.1.1 force
C add [Phase 2]:Connections=IPsec-3.3.3.0/24-1.1.1.1
C set [Phase 1]:1.1.1.1=peer-1.1.1.1 force
C set [peer-1.1.1.1]:Phase=1 force
C set [peer-1.1.1.1]:Address=1.1.1.1 force
C set [peer-1.1.1.1]:Configuration=mm-1.1.1.1 force
C set [mm-1.1.1.1]:EXCHANGE_TYPE=ID_PROT force
C add [mm-1.1.1.1]:Transforms=AES-SHA-GRP15-RSA_SIG force
C set [IPsec-4.4.4.0/24-1.1.1.1]:Phase=2 force
C set [IPsec-4.4.4.0/24-1.1.1.1]:ISAKMP-peer=peer-1.1.1.1 force
C set [IPsec-4.4.4.0/24-1.1.1.1]:Configuration=qm-4.4.4.0/24-1.1.1.1 force
C set [IPsec-4.4.4.0/24-1.1.1.1]:Local-ID=lid-4.4.4.0/24 force
C set [IPsec-4.4.4.0/24-1.1.1.1]:Remote-ID=rid-1.1.1.1 force
C set [qm-4.4.4.0/24-1.1.1.1]:EXCHANGE_TYPE=QUICK_MODE force
C set [qm-4.4.4.0/24-1.1.1.1]:Suites=QM-ESP-AES-SHA2-256-PFS-GRP15-SUITE force
C set [lid-4.4.4.0/24]:ID-type=IPV4_ADDR_SUBNET force
C set [lid-4.4.4.0/24]:Network=4.4.4.0 force
C set [lid-4.4.4.0/24]:Netmask=255.255.255.0 force
C set [rid-1.1.1.1]:ID-type=IPV4_ADDR force
C set [rid-1.1.1.1]:Address=1.1.1.1 force
C add [Phase 2]:Connections=IPsec-4.4.4.0/24-1.1.1.1