xref: /openbsd/regress/sbin/ipsecctl/ike60.ok (revision cecf84d4) 
1C set [Phase 1]:Default=peer-default force
2C set [peer-default]:Phase=1 force
3C set [peer-default]:Configuration=phase1-peer-default force
4C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
5C add [phase1-peer-default]:Transforms=phase1-transform-peer-default-RSA_SIG-SHA-AES128-MODP_1024 force
6C set [phase1-transform-peer-default-RSA_SIG-SHA-AES128-MODP_1024]:AUTHENTICATION_METHOD=RSA_SIG force
7C set [phase1-transform-peer-default-RSA_SIG-SHA-AES128-MODP_1024]:HASH_ALGORITHM=SHA force
8C set [phase1-transform-peer-default-RSA_SIG-SHA-AES128-MODP_1024]:ENCRYPTION_ALGORITHM=AES_CBC force
9C set [phase1-transform-peer-default-RSA_SIG-SHA-AES128-MODP_1024]:KEY_LENGTH=128,128:128 force
10C set [phase1-transform-peer-default-RSA_SIG-SHA-AES128-MODP_1024]:GROUP_DESCRIPTION=MODP_1024 force
11C set [phase1-transform-peer-default-RSA_SIG-SHA-AES128-MODP_1024]:Life=LIFE_MAIN_MODE force
12C set [from-10.0.0.1-to-0.0.0.0/0]:Phase=2 force
13C set [from-10.0.0.1-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
14C set [from-10.0.0.1-to-0.0.0.0/0]:Configuration=phase2-from-10.0.0.1-to-0.0.0.0/0 force
15C set [from-10.0.0.1-to-0.0.0.0/0]:Local-ID=from-10.0.0.1 force
16C set [from-10.0.0.1-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
17C set [phase2-from-10.0.0.1-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
18C set [phase2-from-10.0.0.1-to-0.0.0.0/0]:Suites=phase2-suite-from-10.0.0.1-to-0.0.0.0/0 force
19C set [phase2-suite-from-10.0.0.1-to-0.0.0.0/0]:Protocols=phase2-protocol-from-10.0.0.1-to-0.0.0.0/0 force
20C set [phase2-protocol-from-10.0.0.1-to-0.0.0.0/0]:PROTOCOL_ID=IPSEC_ESP force
21C set [phase2-protocol-from-10.0.0.1-to-0.0.0.0/0]:Transforms=phase2-transform-from-10.0.0.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL force
22C set [phase2-transform-from-10.0.0.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:TRANSFORM_ID=AES force
23C set [phase2-transform-from-10.0.0.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:KEY_LENGTH=128,128:128 force
24C set [phase2-transform-from-10.0.0.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:ENCAPSULATION_MODE=TUNNEL force
25C set [phase2-transform-from-10.0.0.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:AUTHENTICATION_ALGORITHM=HMAC_SHA2_256 force
26C set [phase2-transform-from-10.0.0.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:GROUP_DESCRIPTION=MODP_1024 force
27C set [phase2-transform-from-10.0.0.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:Life=LIFE_QUICK_MODE force
28C set [from-10.0.0.1]:ID-type=IPV4_ADDR force
29C set [from-10.0.0.1]:Address=10.0.0.1 force
30C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
31C set [to-0.0.0.0/0]:Network=0.0.0.0 force
32C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
33C add [Phase 2]:Connections=from-10.0.0.1-to-0.0.0.0/0
34C set [Phase 1]:Default=peer-default force
35C set [peer-default]:Phase=1 force
36C set [peer-default]:Configuration=phase1-peer-default force
37C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
38C add [phase1-peer-default]:Transforms=phase1-transform-peer-default-RSA_SIG-SHA-AES192-MODP_1024 force
39C set [phase1-transform-peer-default-RSA_SIG-SHA-AES192-MODP_1024]:AUTHENTICATION_METHOD=RSA_SIG force
40C set [phase1-transform-peer-default-RSA_SIG-SHA-AES192-MODP_1024]:HASH_ALGORITHM=SHA force
41C set [phase1-transform-peer-default-RSA_SIG-SHA-AES192-MODP_1024]:ENCRYPTION_ALGORITHM=AES_CBC force
42C set [phase1-transform-peer-default-RSA_SIG-SHA-AES192-MODP_1024]:KEY_LENGTH=192,192:192 force
43C set [phase1-transform-peer-default-RSA_SIG-SHA-AES192-MODP_1024]:GROUP_DESCRIPTION=MODP_1024 force
44C set [phase1-transform-peer-default-RSA_SIG-SHA-AES192-MODP_1024]:Life=LIFE_MAIN_MODE force
45C set [from-10.0.0.2-to-0.0.0.0/0]:Phase=2 force
46C set [from-10.0.0.2-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
47C set [from-10.0.0.2-to-0.0.0.0/0]:Configuration=phase2-from-10.0.0.2-to-0.0.0.0/0 force
48C set [from-10.0.0.2-to-0.0.0.0/0]:Local-ID=from-10.0.0.2 force
49C set [from-10.0.0.2-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
50C set [phase2-from-10.0.0.2-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
51C set [phase2-from-10.0.0.2-to-0.0.0.0/0]:Suites=phase2-suite-from-10.0.0.2-to-0.0.0.0/0 force
52C set [phase2-suite-from-10.0.0.2-to-0.0.0.0/0]:Protocols=phase2-protocol-from-10.0.0.2-to-0.0.0.0/0 force
53C set [phase2-protocol-from-10.0.0.2-to-0.0.0.0/0]:PROTOCOL_ID=IPSEC_ESP force
54C set [phase2-protocol-from-10.0.0.2-to-0.0.0.0/0]:Transforms=phase2-transform-from-10.0.0.2-to-0.0.0.0/0-AES192-SHA2_256-MODP_1024-TUNNEL force
55C set [phase2-transform-from-10.0.0.2-to-0.0.0.0/0-AES192-SHA2_256-MODP_1024-TUNNEL]:TRANSFORM_ID=AES force
56C set [phase2-transform-from-10.0.0.2-to-0.0.0.0/0-AES192-SHA2_256-MODP_1024-TUNNEL]:KEY_LENGTH=192,192:192 force
57C set [phase2-transform-from-10.0.0.2-to-0.0.0.0/0-AES192-SHA2_256-MODP_1024-TUNNEL]:ENCAPSULATION_MODE=TUNNEL force
58C set [phase2-transform-from-10.0.0.2-to-0.0.0.0/0-AES192-SHA2_256-MODP_1024-TUNNEL]:AUTHENTICATION_ALGORITHM=HMAC_SHA2_256 force
59C set [phase2-transform-from-10.0.0.2-to-0.0.0.0/0-AES192-SHA2_256-MODP_1024-TUNNEL]:GROUP_DESCRIPTION=MODP_1024 force
60C set [phase2-transform-from-10.0.0.2-to-0.0.0.0/0-AES192-SHA2_256-MODP_1024-TUNNEL]:Life=LIFE_QUICK_MODE force
61C set [from-10.0.0.2]:ID-type=IPV4_ADDR force
62C set [from-10.0.0.2]:Address=10.0.0.2 force
63C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
64C set [to-0.0.0.0/0]:Network=0.0.0.0 force
65C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
66C add [Phase 2]:Connections=from-10.0.0.2-to-0.0.0.0/0
67C set [Phase 1]:Default=peer-default force
68C set [peer-default]:Phase=1 force
69C set [peer-default]:Configuration=phase1-peer-default force
70C set [phase1-peer-default]:EXCHANGE_TYPE=ID_PROT force
71C add [phase1-peer-default]:Transforms=phase1-transform-peer-default-RSA_SIG-SHA-AES256-MODP_1024 force
72C set [phase1-transform-peer-default-RSA_SIG-SHA-AES256-MODP_1024]:AUTHENTICATION_METHOD=RSA_SIG force
73C set [phase1-transform-peer-default-RSA_SIG-SHA-AES256-MODP_1024]:HASH_ALGORITHM=SHA force
74C set [phase1-transform-peer-default-RSA_SIG-SHA-AES256-MODP_1024]:ENCRYPTION_ALGORITHM=AES_CBC force
75C set [phase1-transform-peer-default-RSA_SIG-SHA-AES256-MODP_1024]:KEY_LENGTH=256,256:256 force
76C set [phase1-transform-peer-default-RSA_SIG-SHA-AES256-MODP_1024]:GROUP_DESCRIPTION=MODP_1024 force
77C set [phase1-transform-peer-default-RSA_SIG-SHA-AES256-MODP_1024]:Life=LIFE_MAIN_MODE force
78C set [from-10.0.0.3-to-0.0.0.0/0]:Phase=2 force
79C set [from-10.0.0.3-to-0.0.0.0/0]:ISAKMP-peer=peer-default force
80C set [from-10.0.0.3-to-0.0.0.0/0]:Configuration=phase2-from-10.0.0.3-to-0.0.0.0/0 force
81C set [from-10.0.0.3-to-0.0.0.0/0]:Local-ID=from-10.0.0.3 force
82C set [from-10.0.0.3-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
83C set [phase2-from-10.0.0.3-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
84C set [phase2-from-10.0.0.3-to-0.0.0.0/0]:Suites=phase2-suite-from-10.0.0.3-to-0.0.0.0/0 force
85C set [phase2-suite-from-10.0.0.3-to-0.0.0.0/0]:Protocols=phase2-protocol-from-10.0.0.3-to-0.0.0.0/0 force
86C set [phase2-protocol-from-10.0.0.3-to-0.0.0.0/0]:PROTOCOL_ID=IPSEC_ESP force
87C set [phase2-protocol-from-10.0.0.3-to-0.0.0.0/0]:Transforms=phase2-transform-from-10.0.0.3-to-0.0.0.0/0-AES256-SHA2_256-MODP_1024-TUNNEL force
88C set [phase2-transform-from-10.0.0.3-to-0.0.0.0/0-AES256-SHA2_256-MODP_1024-TUNNEL]:TRANSFORM_ID=AES force
89C set [phase2-transform-from-10.0.0.3-to-0.0.0.0/0-AES256-SHA2_256-MODP_1024-TUNNEL]:KEY_LENGTH=256,256:256 force
90C set [phase2-transform-from-10.0.0.3-to-0.0.0.0/0-AES256-SHA2_256-MODP_1024-TUNNEL]:ENCAPSULATION_MODE=TUNNEL force
91C set [phase2-transform-from-10.0.0.3-to-0.0.0.0/0-AES256-SHA2_256-MODP_1024-TUNNEL]:AUTHENTICATION_ALGORITHM=HMAC_SHA2_256 force
92C set [phase2-transform-from-10.0.0.3-to-0.0.0.0/0-AES256-SHA2_256-MODP_1024-TUNNEL]:GROUP_DESCRIPTION=MODP_1024 force
93C set [phase2-transform-from-10.0.0.3-to-0.0.0.0/0-AES256-SHA2_256-MODP_1024-TUNNEL]:Life=LIFE_QUICK_MODE force
94C set [from-10.0.0.3]:ID-type=IPV4_ADDR force
95C set [from-10.0.0.3]:Address=10.0.0.3 force
96C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
97C set [to-0.0.0.0/0]:Network=0.0.0.0 force
98C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
99C add [Phase 2]:Connections=from-10.0.0.3-to-0.0.0.0/0
100