summaryrefslogtreecommitdiff
path: root/doc
diff options
context:
space:
mode:
authorYu Jiung <jiung.yu@samsung.com>2017-03-02 11:07:12 +0900
committerchleun.moon <chleun.moon@samsung.com>2017-03-02 14:39:20 +0900
commit7859b3f51163cdb798423679bf291ffe27eff988 (patch)
tree83d3e24652bbf766b8a03dc929fe68aad0578dbb /doc
parent376f28aa4b82ec003c8579968ba42ff3050b10c5 (diff)
downloadconnman-7859b3f51163cdb798423679bf291ffe27eff988.tar.gz
connman-7859b3f51163cdb798423679bf291ffe27eff988.tar.bz2
connman-7859b3f51163cdb798423679bf291ffe27eff988.zip
Add code to parse section struct into vici request
Change-Id: If19978b75ab53c43a641a5e51bb0ef6a2adaa545 Signed-off-by: Yu jiung <jiung.yu@samsung.com>
Diffstat (limited to 'doc')
-rw-r--r--doc/vpn-config-format.txt29
1 files changed, 29 insertions, 0 deletions
diff --git a/doc/vpn-config-format.txt b/doc/vpn-config-format.txt
index 23c9c149..15d3a261 100644
--- a/doc/vpn-config-format.txt
+++ b/doc/vpn-config-format.txt
@@ -195,6 +195,35 @@ PPTP VPN supports following options (see pptp(8) and pppd(8) for details)
PPPD.RequirMPPEStateful mppe-stateful Allow MPPE to use stateful mode (O)
PPPD.NoVJ no-vj-comp No Van Jacobson compression (O)
+IPsec VPN supports following options (see swanctl.conf(5) for details):
+ Option name IPSec config value Description
+ IPsec.Version Version IKE major version to use for connection (M)
+ IPsec.LeftAddrs local_addrs Local address(es) to use for IKE communication (M)
+ IPsec.RightAddrs remote_addrs Remote address(es) to use for IKE communication (M)
+
+
+ IPsec.LocalAuth local.auth Authentication to perform locally (M)
+ IPsec.LocalCerts local.certs Certificate candidate to use for authentication (O)
+ IPsec.LocalID local.id IKE identity to use for authentication round (O)
+ IPsec.LocalXauthID local.xauth_id Client XAuth username used in the XAuth exchange (O)
+ IPsec.LocalXauthAuth local-xauth.auth Xauth round authentication to perform locally (O)
+ IPsec.LocalXauthXauthID local-xauth.xauth_id Xauth round client XAuth username used in the XAuth exchange (O)
+
+ IPsec.RemoteAuth remote.auth Authentication to expect from remote (M)
+ IPsec.RemoteCerts remote.certs Certificate candidate to use for authentication (O)
+ IPsec.RemoteID remote.id IKE identity to use for authentication round (O)
+ IPsec.RemoteXauthAuth remote-xauth.auth Xauth round authentication to expect from remote (O)
+ IPsec.ChildrenLocalTs children.local_ts local selectors to include in CHILD_SA (O)
+ IPsec.ChildrenRemoteTs children.remote_ts Remote selectors to include in CHILD_SA (O)
+
+ IPsec.IkeData secret.data IKE PSK raw shared key data
+ IPsec.IkeOwners secret.Owners list of shared key owner identities
+ IPsec.XauthData secret.data XAUTH raw shared key data
+ IPsec.XauthOwners secret.Owners list of shared key owner identities
+
+ IPsec.CertType cert.type certificate type, X509|X509_AC|X509_CRL
+ IPsec.CertFlag cert.flag X.509 certificate flag, NONE|CA|AA|OCSP
+ IPsec.CertData cert.data PEM or DER encoded certificate data
Example
=======