Re: isakmpd.conf multinet question

[archi]

Hi,

See my config for 3 remote networks

# cat /etc/isakmpd/isakmpd.conf


[Phase 1]
x.x.x.x=         ISAKMP-peer-host1

[Phase 2]
Connections=            IPsec-host2-host1,IPsec-logosl2-hostl1.1, 
IPsec-host2-host1.2

[ISAKMP-peer-host1]
Phase=                  1
Transport=              udp
Address=                x.x.x.x
Configuration=          Default-main-mode
Authentication=         xxxxxxxxxxxxxxxxxxxxx

[IPsec-host2-host1]
Phase=                  2
ISAKMP-peer=            ISAKMP-peer-host1
Configuration=          Default-quick-mode
Local-ID=               Net-host2
Remote-ID=              Net-host1

[IPsec-host2-host1.1]
Phase=                  2
ISAKMP-peer=            ISAKMP-peer-host1
Configuration=          Default-quick-mode
Local-ID=               Net-host2
Remote-ID=              Net-host1.1

[IPsec-host2-host1.2]
Phase=                  2
ISAKMP-peer=            ISAKMP-peer-host1
Configuration=          Default-quick-mode
Local-ID=               Net-host2
Remote-ID=              Net-host1.2


[Net-host1]
ID-type=                IPV4_ADDR_SUBNET
Network=                192.168.0.0
Netmask=                255.255.255.0

[Net-host1.1]
ID-type=                IPV4_ADDR_SUBNET
Network=                192.168.2.0
Netmask=                255.255.255.0

[Net-host1.2]
ID-type=                IPV4_ADDR_SUBNET
Network=                192.168.3.0
Netmask=                255.255.255.0

[Net-host2]
ID-type=                IPV4_ADDR_SUBNET
Network=                192.168.10.0
Netmask=                255.255.255.0

[Default-main-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          ID_PROT
Transforms=             AES-SHA

[Default-quick-mode]
DOI=                    IPSEC
EXCHANGE_TYPE=          QUICK_MODE
Suites=                 QM-ESP-AES-SHA-PFS-SUITE




Best regards,
                          Alexey Arkhipov.

email: [EMAIL PROTECTED]

[demime 1.01d removed an attachment of type APPLICATION/DEFANGED which had a 
name of Alexey Arkhipov.30399DEFANGED-vcf]