1# $OpenBSD: iked.conf,v 1.1 2014/07/11 21:20:10 deraadt Exp $ 2# 3# See iked.conf(5) for syntax and examples. 4 5# Configure users for the Extensible Authentication Protocol (EAP) 6#user "user1" "password123" 7#user "user2" "password456" 8 9# Configuration for clients connecting with EAP authentication. 10# Remember to set up a PKI, see ikectl(8) for more information. 11#ikev2 "win7" passive esp \ 12# from 10.1.0.0/24 to 10.2.0.0/24 \ 13# local any peer any \ 14# eap "mschap-v2" \ 15# config address 10.2.0.1 \ 16# config name-server 10.1.0.2 \ 17# tag "$name-$id" 18 19# Configuration for a client authenticating with a pre-shared key. 20#ikev2 esp \ 21# from 10.3.0.0/24 to 10.1.0.0/24 \ 22# from 10.5.0.0/24 to 10.1.0.0/24 \ 23# from 10.5.0.0/24 to 172.16.1.0/24 \ 24# local 192.168.1.1 peer 192.168.2.1 \ 25# psk "you-should-not-use-psk-authentication!" 26