diff options
author | Yu Jiung <jiung.yu@samsung.com> | 2017-03-02 11:07:12 +0900 |
---|---|---|
committer | chleun.moon <chleun.moon@samsung.com> | 2017-03-02 14:39:20 +0900 |
commit | 7859b3f51163cdb798423679bf291ffe27eff988 (patch) | |
tree | 83d3e24652bbf766b8a03dc929fe68aad0578dbb /doc/vpn-config-format.txt | |
parent | 376f28aa4b82ec003c8579968ba42ff3050b10c5 (diff) | |
download | connman-7859b3f51163cdb798423679bf291ffe27eff988.tar.gz connman-7859b3f51163cdb798423679bf291ffe27eff988.tar.bz2 connman-7859b3f51163cdb798423679bf291ffe27eff988.zip |
Add code to parse section struct into vici request
Change-Id: If19978b75ab53c43a641a5e51bb0ef6a2adaa545
Signed-off-by: Yu jiung <jiung.yu@samsung.com>
Diffstat (limited to 'doc/vpn-config-format.txt')
-rw-r--r-- | doc/vpn-config-format.txt | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/vpn-config-format.txt b/doc/vpn-config-format.txt index 23c9c149..15d3a261 100644 --- a/doc/vpn-config-format.txt +++ b/doc/vpn-config-format.txt @@ -195,6 +195,35 @@ PPTP VPN supports following options (see pptp(8) and pppd(8) for details) PPPD.RequirMPPEStateful mppe-stateful Allow MPPE to use stateful mode (O) PPPD.NoVJ no-vj-comp No Van Jacobson compression (O) +IPsec VPN supports following options (see swanctl.conf(5) for details): + Option name IPSec config value Description + IPsec.Version Version IKE major version to use for connection (M) + IPsec.LeftAddrs local_addrs Local address(es) to use for IKE communication (M) + IPsec.RightAddrs remote_addrs Remote address(es) to use for IKE communication (M) + + + IPsec.LocalAuth local.auth Authentication to perform locally (M) + IPsec.LocalCerts local.certs Certificate candidate to use for authentication (O) + IPsec.LocalID local.id IKE identity to use for authentication round (O) + IPsec.LocalXauthID local.xauth_id Client XAuth username used in the XAuth exchange (O) + IPsec.LocalXauthAuth local-xauth.auth Xauth round authentication to perform locally (O) + IPsec.LocalXauthXauthID local-xauth.xauth_id Xauth round client XAuth username used in the XAuth exchange (O) + + IPsec.RemoteAuth remote.auth Authentication to expect from remote (M) + IPsec.RemoteCerts remote.certs Certificate candidate to use for authentication (O) + IPsec.RemoteID remote.id IKE identity to use for authentication round (O) + IPsec.RemoteXauthAuth remote-xauth.auth Xauth round authentication to expect from remote (O) + IPsec.ChildrenLocalTs children.local_ts local selectors to include in CHILD_SA (O) + IPsec.ChildrenRemoteTs children.remote_ts Remote selectors to include in CHILD_SA (O) + + IPsec.IkeData secret.data IKE PSK raw shared key data + IPsec.IkeOwners secret.Owners list of shared key owner identities + IPsec.XauthData secret.data XAUTH raw shared key data + IPsec.XauthOwners secret.Owners list of shared key owner identities + + IPsec.CertType cert.type certificate type, X509|X509_AC|X509_CRL + IPsec.CertFlag cert.flag X.509 certificate flag, NONE|CA|AA|OCSP + IPsec.CertData cert.data PEM or DER encoded certificate data Example ======= |