xref: /openbsd/regress/sbin/ipsecctl/ike8.ok (revision 5af055cd) 
1C set [Phase 1]:192.168.3.1=peer-192.168.3.1 force
2C set [peer-192.168.3.1]:Phase=1 force
3C set [peer-192.168.3.1]:Address=192.168.3.1 force
4C set [peer-192.168.3.1]:Configuration=phase1-peer-192.168.3.1 force
5C set [phase1-peer-192.168.3.1]:EXCHANGE_TYPE=ID_PROT force
6C add [phase1-peer-192.168.3.1]:Transforms=phase1-transform-peer-192.168.3.1-RSA_SIG-SHA-AES128-MODP_1024 force
7C set [phase1-transform-peer-192.168.3.1-RSA_SIG-SHA-AES128-MODP_1024]:AUTHENTICATION_METHOD=RSA_SIG force
8C set [phase1-transform-peer-192.168.3.1-RSA_SIG-SHA-AES128-MODP_1024]:HASH_ALGORITHM=SHA force
9C set [phase1-transform-peer-192.168.3.1-RSA_SIG-SHA-AES128-MODP_1024]:ENCRYPTION_ALGORITHM=AES_CBC force
10C set [phase1-transform-peer-192.168.3.1-RSA_SIG-SHA-AES128-MODP_1024]:KEY_LENGTH=128,128:256 force
11C set [phase1-transform-peer-192.168.3.1-RSA_SIG-SHA-AES128-MODP_1024]:GROUP_DESCRIPTION=MODP_1024 force
12C set [phase1-transform-peer-192.168.3.1-RSA_SIG-SHA-AES128-MODP_1024]:Life=LIFE_MAIN_MODE force
13C set [from-1.1.1.1-to-0.0.0.0/0]:Phase=2 force
14C set [from-1.1.1.1-to-0.0.0.0/0]:ISAKMP-peer=peer-192.168.3.1 force
15C set [from-1.1.1.1-to-0.0.0.0/0]:Configuration=phase2-from-1.1.1.1-to-0.0.0.0/0 force
16C set [from-1.1.1.1-to-0.0.0.0/0]:Local-ID=from-1.1.1.1 force
17C set [from-1.1.1.1-to-0.0.0.0/0]:Remote-ID=to-0.0.0.0/0 force
18C set [phase2-from-1.1.1.1-to-0.0.0.0/0]:EXCHANGE_TYPE=QUICK_MODE force
19C set [phase2-from-1.1.1.1-to-0.0.0.0/0]:Suites=phase2-suite-from-1.1.1.1-to-0.0.0.0/0 force
20C set [phase2-suite-from-1.1.1.1-to-0.0.0.0/0]:Protocols=phase2-protocol-from-1.1.1.1-to-0.0.0.0/0 force
21C set [phase2-protocol-from-1.1.1.1-to-0.0.0.0/0]:PROTOCOL_ID=IPSEC_ESP force
22C set [phase2-protocol-from-1.1.1.1-to-0.0.0.0/0]:Transforms=phase2-transform-from-1.1.1.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL force
23C set [phase2-transform-from-1.1.1.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:TRANSFORM_ID=AES force
24C set [phase2-transform-from-1.1.1.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:KEY_LENGTH=128,128:256 force
25C set [phase2-transform-from-1.1.1.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:ENCAPSULATION_MODE=TUNNEL force
26C set [phase2-transform-from-1.1.1.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:AUTHENTICATION_ALGORITHM=HMAC_SHA2_256 force
27C set [phase2-transform-from-1.1.1.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:GROUP_DESCRIPTION=MODP_1024 force
28C set [phase2-transform-from-1.1.1.1-to-0.0.0.0/0-AES128-SHA2_256-MODP_1024-TUNNEL]:Life=LIFE_QUICK_MODE force
29C set [from-1.1.1.1]:ID-type=IPV4_ADDR force
30C set [from-1.1.1.1]:Address=1.1.1.1 force
31C set [to-0.0.0.0/0]:ID-type=IPV4_ADDR_SUBNET force
32C set [to-0.0.0.0/0]:Network=0.0.0.0 force
33C set [to-0.0.0.0/0]:Netmask=0.0.0.0 force
34C add [Phase 2]:Connections=from-1.1.1.1-to-0.0.0.0/0
35