1.\" $OpenBSD: isakmpd.conf.5,v 1.106 2005/06/11 08:31:40 jmc Exp $
2.\" $EOM: isakmpd.conf.5,v 1.57 2000/12/21 14:43:17 ho Exp $
3.\"
4.\" Copyright (c) 1998, 1999, 2000 Niklas Hallqvist.  All rights reserved.
5.\" Copyright (c) 2000, 2001, 2002 H�kan Olsson.  All rights reserved.
6.\"
7.\" Redistribution and use in source and binary forms, with or without
8.\" modification, are permitted provided that the following conditions
9.\" are met:
10.\" 1. Redistributions of source code must retain the above copyright
11.\"    notice, this list of conditions and the following disclaimer.
12.\" 2. Redistributions in binary form must reproduce the above copyright
13.\"    notice, this list of conditions and the following disclaimer in the
14.\"    documentation and/or other materials provided with the distribution.
15.\"
16.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
17.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
18.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
19.\" IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
20.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
21.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
22.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
23.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
24.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
25.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26.\"
27.\" This code was written under funding by Ericsson Radio Systems.
28.\"
29.\" Manual page, using -mandoc macros
30.\"
31.Dd August 07, 2002
32.Dt ISAKMPD.CONF 5
33.Os
34.Sh NAME
35.Nm isakmpd.conf
36.Nd configuration file for isakmpd
37.Sh DESCRIPTION
38.Nm
39is the configuration file for the
40.Xr isakmpd 8
41daemon, managing security association and key management for the
42IPsec layer of the kernel's networking stack.
43.Pp
44The file is of a well known type of format called .INI style, named after
45the suffix used by an overrated windowing environment for its configuration
46files.
47This format consists of sections, each beginning with a line looking like:
48.Bd -unfilled
49.Bq Sy Section name
50.Ed
51Between the brackets is the name of the section following this section header.
52Inside a section many tag/value pairs can be stored, each one looking like:
53.Bd -unfilled
54.Ar Tag Ns = Ns Ar Value
55.Ed
56If the value needs more space than fits on a single line, it's possible to
57continue it on the next by ending the first with a backslash character
58immediately before the newline character.
59This method can extend a value for an arbitrary number of lines.
60.Pp
61Comments can be put anywhere in the file by using a hash mark
62.Pq Sq \&# .
63The comment extends to the end of the current line.
64.Pp
65Often the right-hand side values consist of other section names.
66This results in a tree structure.
67Some values are treated as a list of several scalar values.
68Such lists always use a comma character as the separator.
69Some values are formatted like this: X,Y:Z, which
70is an offer/accept syntax, where X is a value we offer and Y:Z is a range of
71accepted values, inclusive.
72.Pp
73To activate changes to
74.Nm
75without restarting
76.Xr isakmpd 8 ,
77send a
78.Dv SIGHUP
79signal to the daemon process.
80.Sh AUTO-GENERATED PARTS OF THE CONFIGURATION
81Some predefined section names are recognized by the daemon, avoiding the need
82to fully specify the Main Mode transforms and Quick Mode suites, protocols,
83and transforms.
84.Pp
85For Main Mode:
86.\" .Ar {DES,BLF,3DES,CAST,AES}-{MD5,SHA}[-GRP{1,2,5,14}][-{DSS,RSA_SIG}]
87.Bl -inset -compact
88.It Xo
89.Sm off
90.No {
91.Ar DES , BLF , 3DES , CAST , AES
92.No }-{
93.Ar MD5 , SHA
94.No }[-
95.Ar GRP
96.No {
97.Ar 1 , 2 , 5 , 14
98.No }]
99.No [-{
100.Ar DSS , RSA_SIG
101.No }]
102.Sm on
103.Xc
104.El
105.Pp
106For Quick Mode:
107.\" .Ar QM-{proto}[-TRP]-{cipher}[-{hash}][-PFS[-{group}]]-SUITE
108.Bl -inset -compact
109.It Xo
110.Sm off
111.Ar QM
112.No -{
113.Ar proto
114.No }[-
115.Ar TRP
116.No ]-{
117.Ar cipher
118.No }[-{
119.Ar hash
120.No }]
121.No [-
122.Ar PFS
123.No [-{
124.Ar group
125.No }]]-
126.Ar SUITE
127.Sm on
128.Xc
129.El
130.Pp
131where:
132.Bl -tag -width "{cipher}" -offset indent -compact
133.It Ns { Ns Ar proto Ns }
134is either ESP or AH
135.It Ns { Ns Ar cipher Ns }
136is either DES, 3DES, CAST, BLF, or AES
137.It Ns { Ns Ar hash Ns }
138is either MD5, SHA, RIPEMD, or SHA2-{256,384,512}
139.It Ns { Ns Ar group Ns }
140is either GRP1, GRP2, GRP5, or GRP14
141.El
142.Pp
143For example, 3DES-SHA means: 3DES encryption, SHA hash, and authorization by
144pre-shared keys.
145Similarly, QM-ESP-3DES-SHA-PFS-SUITE means: ESP protocol, 3DES encryption,
146SHA hash, and use Perfect Forward Secrecy.
147.Pp
148Unless explicitly stated with -GRP1, 2, 5, or 14, transforms and PFS suites
149use DH group 2.
150There are currently no predefined ESP+AH Quick Mode suites.
151.Pp
152The predefinitions include some default values for the special
153sections "General", "Keynote", "X509-certificates", and
154"Default-phase-1-configuration".
155These default values are presented in the example below.
156.Pp
157All autogenerated values can be overridden by manual entries by using the
158same section and tag names in the configuration file.
159In particular, the default phase 1 (Main or Aggressive Mode) and phase 2
160(Quick Mode) lifetimes can be overridden by these tags under the "General"
161section:
162.Bd -literal -offset indent
163[General]
164Default-phase-1-lifetime=	3600,60:86400
165Default-phase-2-lifetime=	1200,60:86400
166.Ed
167.Pp
168The Main Mode lifetime currently defaults to one hour (minimum 60
169seconds, maximum 1 day).
170The Quick Mode lifetime defaults to 20 minutes
171(minimum 60 seconds, maximum 1 day).
172.Pp
173Also, the default phase 1 ID can be set by creating a
174.Aq Sy Phase1-ID
175section, as shown below, and adding this tag under the "General"
176section:
177.Bd -literal -offset indent
178[General]
179Default-phase-1-ID=		Phase1-ID-name
180
181[Phase1-ID-name]
182ID-type=			USER_FQDN
183Name=				foo@bar.com
184.Ed
185.Sh ROOTS
186.Bl -hang -width 8n
187.It Bq Sy General
188Generic global configuration parameters
189.Bl -tag -width Ds
190.It Em Acquire-Only
191If this tag is defined,
192.Xr isakmpd 8
193will not set up flows automatically.
194This is useful when flows are configured with
195.Xr ipsecadm 8
196or by other programs like
197.Xr bgpd 8 .
198Thus
199.Xr isakmpd 8
200only takes care of the SA establishment.
201.It Em Check-interval
202The interval between watchdog checks of connections we want up at all
203times, in seconds.
204The default value is 60 seconds.
205.It Em Default-phase-1-ID
206Optional default phase 1 ID name.
207.It Em Default-phase-1-lifetime
208The default lifetime for autogenerated transforms (phase 1).
209If unspecified, the value 3600,60:86400 is used as the default.
210.It Em Default-phase-2-lifetime
211The default lifetime for autogenerated suites (phase 2).
212If unspecified, the value 1200,60:86400 is used as the default.
213.It Em Default-phase-2-suites
214A list of phase 2 suites that will be used when establishing dynamic
215SAs.
216If left unspecified, QM-ESP-3DES-SHA-PFS-SUITE is used as the default.
217.It Em DPD-check-interval
218The interval between RFC 3706 (Dead Peer Detection) messages, in seconds.
219The default value is 0 (zero), which means DPD is disabled.
220.It Em Exchange-max-time
221How many seconds should an exchange maximally take to set up before we
222give up.
223.It Em Listen-on
224A list of IP addresses or interface names OK to listen on.
225This list is used as a filter for the set of addresses the interfaces
226configured provides.
227This means that we won't see if an address given here does not exist
228on this host, and thus no error is given for that case.
229.It Em Loglevel
230A list of the form
231.Ar class Ns = Ns Ar level ,
232where both
233.Ar class
234and
235.Ar level
236are numbers.
237This is similar to the
238.Fl D
239command line switch of
240.Xr isakmpd 8 .
241.It Em Logverbose
242If this tag is defined, whatever the value is, verbose logging is enabled.
243This is similar to the
244.Fl v
245command line switch of
246.Xr isakmpd 8 .
247.It Em NAT-T-Keepalive
248The number of seconds between NAT-T keepalive messages, sent by the
249peer behind NAT to keep the mapping active.
250Defaults to 20.
251.It Em Policy-file
252The name of the file that contains
253.Xr keynote 4
254policies.
255The default is
256.Pa /etc/isakmpd/isakmpd.policy .
257.It Em Pubkey-directory
258The directory in which
259.Nm
260looks for explicitly trusted public keys.
261The default is
262.Pa /etc/isakmpd/pubkeys .
263Read
264.Xr isakmpd 8
265for the required naming convention of the files in here.
266.It Em Renegotiate-on-HUP
267If this tag is defined, whatever the value is,
268.Xr isakmpd 8
269will renegotiate all current phase 2 SAs when the daemon receives a
270.Dv SIGHUP
271signal, or an
272.Sq R
273is sent to the FIFO interface (see
274.Xr isakmpd 8 ) .
275.It Em Retransmits
276How many times should a message be retransmitted before giving up.
277.It Em Shared-SADB
278If this tag is defined, whatever the value is, some semantics of
279.Nm
280are changed so that multiple instances can run on top of one SADB
281and set up SAs with each other.
282Specifically this means replay
283protection will not be asked for, and errors that can occur when
284updating an SA with its parameters a 2nd time will be ignored.
285.It Em Use-Keynote
286This tag controls the use of
287.Xr keynote 4
288policy checking.
289The default value is
290.Qq yes ,
291which enables the policy checking.
292When set to any other value, policies will not be checked.
293This is useful when policies for flows and SA establishment are arranged by
294other programs like
295.Xr ipsecadm 8
296or
297.Xr bgpd 8 .
298.El
299.It Bq Sy Phase 1
300ISAKMP SA negotiation parameter root
301.Bl -tag -width Ds
302.It Em Default
303A name of the default ISAKMP peer.
304Incoming phase 1 connections from other IP addresses will use this peer name.
305This name is used as the section name for further information to be found.
306Look at
307.Aq Sy ISAKMP-peer
308below.
309.It Aq Em IP-address
310A name of the ISAKMP peer at the given IP address.
311.El
312.It Bq Sy Phase 2
313IPsec SA negotiation parameter root
314.Bl -tag -width Ds
315.It Em Connections
316A list of directed IPsec "connection" names that should be brought up
317automatically, either on first use if the system supports it, or at
318startup of the daemon.
319These names are section names where further information can be found.
320Look at
321.Aq Sy IPsec-connection
322below.
323Normally any connections mentioned here are treated as part of the
324"Passive-connection" list we present below; however there is a flag,
325.Em Active-only ,
326that disables this behaviour.
327This too is mentioned in the
328.Aq Sy IPsec-connection
329section, in the "Flags" tag.
330.It Em Passive-connections
331A list of IPsec "connection" names we recognize and accept initiations for.
332These names are section names where further information can be found.
333Look at
334.Aq Sy IPsec-connection
335below.
336Currently only the Local-ID and Remote-ID tags
337are looked at in those sections, as they are matched against the IDs given
338by the initiator.
339.El
340.It Bq Sy KeyNote
341KeyNote configuration section
342.Bl -tag -width Ds
343.It Em Credential-directory
344A directory containing directories named after IDs (IP
345addresses,
346.Dq user@domain ,
347or hostnames) that contain files named
348.Dq credentials
349and
350.Dq private_key .
351.Pp
352The credentials file contains
353.Xr keynote 4
354credentials that are sent to a remote IKE daemon when we use the
355associated ID, or credentials that we may want to consider when doing
356an exchange with a remote IKE daemon that uses that ID.
357Note that, in the former case, the last credential in the file
358MUST contain our public key in its Licensees field.
359More than one credentials may exist in the file.
360They are separated by whitelines (the format is essentially the same as
361that of the policy file).
362The credentials are of the same format as the policies described in
363.Xr isakmpd.policy 5 .
364The only difference is that the Authorizer field contains a public
365key, and the assertion is signed.
366Signed assertions can be generated using the
367.Xr keynote 1
368utility.
369.Pp
370The private_key file contains the private RSA key we use for
371authentication.
372If the directory (and the files) exist, they take precedence over X509-based
373authentication.
374.El
375.It Bq Sy X509-Certificates
376X509-certificate configuration section
377.Bl -tag -width Ds
378.It Em Accept-self-signed
379If this tag is defined, whatever the value is, certificates that
380do not originate from a trusted CA but are self-signed will be
381accepted.
382.It Em Ca-directory
383A directory containing PEM certificates of certification authorities
384that we trust to sign other certificates.
385Note that for a CA to be really trusted, it needs to be somehow
386referred to by policy, in
387.Xr isakmpd.policy 5 .
388The certificates in this directory are used for the actual X.509
389authentication and for cross-referencing policies that refer to
390Distinguished Names (DNs).
391Keeping a separate directory (as opposed to integrating policies
392and X.509 CA certificates) allows for maintenance of a list of
393"well known" CAs without actually having to trust all (or any) of them.
394.It Em Cert-directory
395A directory containing PEM certificates that we trust to be valid.
396These certificates are used in preference to those passed in messages and
397are required to have a subjectAltName extension containing the certificate
398holder identity; usually IP address, FQDN, or User FQDN.
399.It Em Private-key
400The private key matching the public key of our certificate (which should be
401in the "Cert-directory", and have an appropriate subjectAltName field).
402.El
403.El
404.Sh REFERRED-TO SECTIONS
405.Bl -hang -width Ds
406.It Aq Sy ISAKMP-peer
407Parameters for negotiation with an ISAKMP peer
408.Bl -tag -width Ds
409.It Em Address
410If existent, the IP address of the peer.
411.It Em Authentication
412If existent, authentication data for this specific peer.
413In the case of a pre-shared key, this is the key value itself.
414.It Em Configuration
415The name of the ISAKMP-configuration section to use.
416Look at
417.Aq Sy ISAKMP-configuration
418below.
419If unspecified, defaults to "Default-phase-1-configuration".
420.It Em Flags
421A comma-separated list of flags controlling the further
422handling of the ISAKMP SA.
423Currently there are no specific ISAKMP SA flags defined.
424.It Em ID
425If existent, the name of the section that describes the
426local client ID that we should present to our peer.
427If not present, it
428defaults to the address of the local interface we are sending packets
429over to the remote daemon.
430Look at
431.Aq Sy Phase1-ID
432below.
433.It Em Local-address
434The Local IP address to use, if we are multi-homed, or have aliases.
435.It Em Phase
436The constant
437.Sq 1 ,
438as ISAKMP-peers and IPsec-connections
439really are handled by the same code inside
440.Xr isakmpd 8 .
441.It Em Port
442For UDP, the UDP port number to send to.
443This is optional;
444the default value is 500 which is the IANA-registered number for ISAKMP.
445.It Em Remote-ID
446If existent, the name of the section that describes the remote client
447ID we expect the remote daemon to send us.
448If not present, it defaults to the address of the remote daemon.
449Look at
450.Aq Sy Phase1-ID
451below.
452.It Em Transport
453The name of the transport protocol; defaults to UDP.
454.El
455.It Aq Sy Phase1-ID
456Parameters for Phase 1 negotiation
457.Bl -tag -width Ds
458.It Em Address
459If the ID-type is
460.Li IPV4_ADDR
461or
462.Li IPV6_ADDR ,
463this tag should exist and be an IP address.
464.It Em ID-type
465The ID type as given by the RFC specifications.
466For phase 1 this is currently
467.Li IPV4_ADDR ,
468.Li IPV4_ADDR_SUBNET ,
469.Li IPV6_ADDR ,
470.Li IPV6_ADDR_SUBNET ,
471.Li FQDN ,
472.Li USER_FQDN ,
473or
474.Li KEY_ID .
475.It Em Name
476If the ID-type is
477.Li FQDN ,
478.Li USER_FQDN ,
479or
480.Li KEY_ID ,
481this tag should exist and contain a domain name, user@domain, or
482other identifying string respectively.
483.Pp
484In the case of
485.Li KEY_ID ,
486note that the IKE protocol allows any octet sequence to be sent or
487received under this payload, potentially including non-printable
488ones.
489.Xr isakmpd 8
490can only transmit printable
491.Li KEY_ID
492payloads, but can receive and process arbitrary
493.Li KEY_ID
494payloads.
495This effectively means that non-printable
496.Li KEY_ID
497remote identities cannot be verified through this means, although it
498is still possible to do so through
499.Xr isakmpd.policy 5 .
500.It Em Netmask
501If the ID-type is
502.Li IPV4_ADDR_SUBNET
503or
504.Li IPV6_ADDR_SUBNET ,
505this tag should exist and
506be a network subnet mask.
507.It Em Network
508If the ID-type is
509.Li IPV4_ADDR_SUBNET
510or
511.Li IPV6_ADDR_SUBNET ,
512this tag should exist and
513be a network address.
514.El
515.It Aq Sy ISAKMP-configuration
516Parameters for ISAKMP configuration
517.Bl -tag -width Ds
518.It Em DOI
519The domain of interpretation as given by the RFCs.
520Normally
521.Li IPSEC .
522If unspecified, defaults to
523.Li IPSEC .
524.It Em EXCHANGE_TYPE
525The exchange type as given by the RFCs.
526For main mode this is
527.Li ID_PROT
528and for aggressive mode it is
529.Li AGGRESSIVE .
530.It Em Transforms
531A list of proposed transforms to use for protecting the
532ISAKMP traffic.
533These are actually names for sections
534further describing the transforms.
535Look at
536.Aq Sy ISAKMP-transform
537below.
538.El
539.It Aq Sy ISAKMP-transform
540Parameters for ISAKMP authentication
541.Bl -tag -width Ds
542.It Em AUTHENTICATION_METHOD
543The authentication method as the RFCs name it, or ANY.
544.It Em ENCRYPTION_ALGORITHM
545The encryption algorithm as the RFCs name it, or ANY to denote that any
546encryption algorithm proposed will be accepted.
547.It Em GROUP_DESCRIPTION
548The group used for Diffie-Hellman exponentiations, or ANY.
549The names are symbolic, like
550.Li MODP_768 , MODP_1024 , EC_155 ,
551and
552.Li EC_185 .
553.It Em HASH_ALGORITHM
554The hash algorithm as the RFCs name it, or ANY.
555.It Em KEY_LENGTH
556For encryption algorithms with variable key length, this is
557where the offered/accepted keylengths are described.
558The value is of the offer-accept kind described above.
559.It Em Life
560A list of lifetime descriptions, or ANY.
561In the former case, each
562element is in itself a name of the section that defines the lifetime.
563Look at
564.Aq Sy Lifetime
565below.
566If it is set to ANY, then any type of
567proposed lifetime type and value will be accepted.
568.It Em PRF
569The algorithm to use for the keyed pseudo-random function (used for key
570derivation and authentication in phase 1), or ANY.
571.El
572.It Aq Sy Lifetime
573Parameters for connection duration
574.Bl -tag -width Ds
575.It Em LIFE_DURATION
576An offer/accept kind of value; see above.
577Can also be set to ANY.
578.It Em LIFE_TYPE
579.Li SECONDS
580or
581.Li KILOBYTES
582depending on the type of the duration.
583Notice that this field may NOT be set to ANY.
584.El
585.It Aq Sy IPsec-connection
586Parameters for IPsec connection configuration
587.Bl -tag -width Ds
588.It Em Configuration
589The name of the IPsec-configuration section to use.
590Look at
591.Aq Sy IPsec-configuration
592below.
593.It Em Flags
594A comma-separated list of flags controlling the further
595handling of the IPsec SA.
596Currently only one flag is defined:
597.Bl -tag -width 12n
598.It Em Active-only
599If this flag is given and this
600.Aq Sy IPsec-connection
601is part of the phase 2
602connections we automatically keep up, it will not automatically be used for
603accepting connections from the peer.
604.El
605.It Em ISAKMP-peer
606The name of the ISAKMP-peer to talk to in order to
607set up this connection.
608The value is the name of an
609.Aq Sy ISAKMP-peer
610section.
611See above.
612.It Em Local-ID
613If existent, the name of the section that describes the
614optional local client ID that we should present to our peer.
615It is also used when we act as responders to find out what
616.Aq Sy IPsec-connection
617we are dealing with.
618Look at
619.Aq Sy IPsec-ID
620below.
621.It Em Phase
622The constant
623.Sq 2 ,
624as ISAKMP-peers and IPsec-connections
625really are handled by the same code inside
626.Xr isakmpd 8 .
627.It Em Remote-ID
628If existent, the name of the section that describes the
629optional remote client ID that we should present to our peer.
630It is also used when we act as responders to find out what
631.Aq Sy IPsec-connection
632we are dealing with.
633Look at
634.Aq Sy IPsec-ID
635below.
636.El
637.It Aq Sy IPsec-configuration
638Parameters for IPsec configuration
639.Bl -tag -width Ds
640.It Em DOI
641The domain of interpretation as given by the RFCs.
642Normally
643.Li IPSEC .
644If unspecified, defaults to
645.Li IPSEC .
646.It Em EXCHANGE_TYPE
647The exchange type as given by the RFCs.
648For quick mode this is
649.Li QUICK_MODE .
650.It Em Suites
651A list of protection suites (bundles of protocols) usable for
652protecting the IP traffic.
653Each of the list elements is a name of an
654.Aq Sy IPsec-suite
655section.
656See below.
657.El
658.It Aq Sy IPsec-suite
659Parameters for IPsec protection suite configuration
660.Bl -tag -width Ds
661.It Em Protocols
662A list of the protocols included in this protection suite.
663Each of the list elements is a name of an
664.Aq Sy IPsec-protocol
665section.
666See below.
667.El
668.It Aq Sy IPsec-protocol
669Parameters for IPsec protocol configuration
670.Bl -tag -width Ds
671.It Em PROTOCOL_ID
672The protocol as given by the RFCs.
673Acceptable values are currently
674.Li IPSEC_AH
675and
676.Li IPSEC_ESP .
677.It Em ReplayWindow
678The size of the window used for replay protection.
679This is normally left alone.
680Look at the ESP and AH RFCs for a better description.
681.It Em Transforms
682A list of transforms usable for implementing the protocol.
683Each of the list elements is a name of an
684.Aq Sy IPsec-transform
685section.
686See below.
687.El
688.It Aq Sy IPsec-transform
689Parameters for IPsec transform configuration
690.Bl -tag -width Ds
691.It Em AUTHENTICATION_ALGORITHM
692The optional authentication algorithm in the case of this
693being an ESP transform.
694.It Em ENCAPSULATION_MODE
695The encapsulation mode as given by the RFCs.
696This means TRANSPORT or TUNNEL.
697.It Em GROUP_DESCRIPTION
698An optional (provides PFS if present) Diffie-Hellman group
699description.
700The values are the same as those for GROUP_DESCRIPTION in
701.Aq Sy ISAKMP-transform
702sections shown above.
703.It Em Life
704List of lifetimes, each element is a
705.Aq Sy Lifetime
706section name.
707.It Em TRANSFORM_ID
708The transform ID as given by the RFCs.
709.El
710.It Aq Sy IPsec-ID
711Parameters for IPsec ID configuration
712.Bl -tag -width Ds
713.It Em Address
714If the ID-type is
715.Li IPV4_ADDR
716or
717.Li IPV6_ADDR ,
718this tag should exist and be an IP address, an interface name, or the
719.Em default
720keyword.
721If an interface is used, the first address of the appropriate
722family will be used.
723The
724.Em default
725keyword uses the interface associated with the default route.
726In the case of IPv6, link-local addresses will be skipped if
727addresses which are not link-local exist.
728If the address on the interface changes
729.Xr isakmpd 8
730will not track the change.
731The configuration must be reloaded to learn the new address.
732.It Em ID-type
733The ID type as given by the RFCs.
734For IPsec this is currently
735.Li IPV4_ADDR ,
736.Li IPV6_ADDR ,
737.Li IPV4_ADDR_SUBNET ,
738or
739.Li IPV6_ADDR_SUBNET .
740.It Em Netmask
741If the ID-type is
742.Li IPV4_ADDR_SUBNET
743or
744.Li IPV6_ADDR_SUBNET ,
745this tag should exist and
746be a network subnet mask or an interface.
747When an interface is specified, the netmask is the mask associated with the
748.Em Network .
749The
750.Em default
751keyword uses the interface associated with the default route.
752.It Em Network
753If the ID-type is
754.Li IPV4_ADDR_SUBNET
755or
756.Li IPV6_ADDR_SUBNET ,
757this tag should exist and be a network address, an interface, or the
758.Em default
759keyword.
760When an interface is specified, the network is selected as with the
761.Em Address
762tag.
763.It Em Port
764If the ID-type is
765.Li IPV4_ADDR ,
766.Li IPV4_ADDR_SUBNET ,
767.Li IPV6_ADDR ,
768or
769.Li IPV6_ADDR_SUBNET ,
770this tag indicates what source or destination port is allowed to be
771transported over the SA (depending on whether this is a local or
772remote ID).
773If left unspecified, all ports of the given transport protocol
774will be transmitted (or permitted) over the SA.
775The
776.Em Protocol
777tag must be specified in conjunction with this tag.
778.It Em Protocol
779If the ID-type is
780.Li IPV4_ADDR ,
781.Li IPV4_ADDR_SUBNET ,
782.Li IPV6_ADDR ,
783or
784.Li IPV6_ADDR_SUBNET ,
785this tag indicates what transport protocol should be transmitted over
786the SA.
787If left unspecified, all transport protocols between the two address
788(ranges) will be sent (or permitted) over that SA.
789.El
790.El
791.Sh OTHER SECTIONS
792.Bl -hang -width 8n
793.It Aq Sy IKECFG-ID
794Parameters to use with IKE mode-config.
795One ID per peer.
796.Pp
797An IKECFG-ID is written as [<ID-type>/<name>].
798The following ID types are supported:
799.Pp
800.Bl -tag -width "ASN1_DNXX" -offset indent -compact
801.It IPv4
802[ipv4/A.B.C.D]
803.It IPv6
804[ipv6/abcd:abcd::ab:cd]
805.It FQDN
806[fqdn/foo.bar.org]
807.It UFQDN
808[ufqdn/user@foo.bar.org]
809.It ASN1_DN
810[asn1_dn//C=aa/O=cc/...] (Note the double slashes as the DN itself
811starts with a
812.Sq / . )
813.El
814.Pp
815Each section specifies what configuration values to return to the peer
816requesting IKE mode-config.
817Currently supported values are:
818.Pp
819.Bl -tag -width "WINS-serverXX" -offset indent -compact
820.It Em Address
821The peer's network address.
822.It Em Netmask
823The peer's netmask.
824.It Em Nameserver
825The IP address of a DNS nameserver.
826.It Em WINS-server
827The IP address of a WINS server.
828.El
829.It Aq Sy Initiator-ID
830Parameters for peer initiator configuration
831.Pp
832During phase 1 negotiation
833.Xr isakmpd 8
834looks for a pre-shared key in the
835.Aq Sy ISAKMP-peer
836section.
837If no Authentication data is specified in that section, and
838.Xr isakmpd 8
839is not the initiator, it looks for Authentication data in a section named after
840the initiator's phase 1 ID.
841This allows mobile users with dynamic IP addresses
842to have different shared secrets.
843.Pp
844This only works for aggressive mode because in main mode the remote
845initiator ID would not yet be known.
846Note, however, that use of aggressive mode is discouraged.
847See
848.Sx CAVEATS ,
849below.
850.Pp
851The name of the
852.Aq Sy Initiator-ID
853section depends on the ID type sent by the initiator.
854Currently this can be:
855.Pp
856.Bl -tag -width "UFQDNXX" -offset indent -compact
857.It IPv4
858[A.B.C.D]
859.It IPv6
860[abcd:abcd::ab:cd]
861.It FQDN
862[foo.bar.org]
863.It UFQDN
864[user@foo.bar.org]
865.El
866.El
867.Sh FILES
868.Bl -tag -width /etc/isakmpd/isakmpd.conf
869.It Pa /etc/isakmpd/isakmpd.conf
870The default
871.Xr isakmpd 8
872configuration file.
873.It Pa /usr/share/ipsec/isakmpd/
874A directory containing some sample
875.Xr isakmpd 8
876configuration files.
877.El
878.Sh EXAMPLES
879An example of a configuration file:
880.Bd -literal
881# A configuration sample for the isakmpd ISAKMP/Oakley (aka IKE) daemon.
882
883[General]
884Listen-on=		10.1.0.2
885
886# Incoming phase 1 negotiations are multiplexed on the source IP address
887[Phase 1]
88810.1.0.1=		ISAKMP-peer-west
889
890# These connections are walked over after config file parsing and told
891# to the application layer so that it will inform us when traffic wants to
892# pass over them.  This means we can do on-demand keying.
893[Phase 2]
894Connections=		IPsec-east-west
895
896# Default values are commented out.
897[ISAKMP-peer-west]
898Phase=			1
899#Transport=		udp
900Local-address=		10.1.0.2
901Address=		10.1.0.1
902#Port=			isakmp
903#Port=			500
904#Configuration=		Default-phase-1-configuration
905Authentication=		mekmitasdigoat
906#Flags=
907
908[IPsec-east-west]
909Phase=			2
910ISAKMP-peer=		ISAKMP-peer-west
911Configuration=		Default-quick-mode
912Local-ID=		Net-east
913Remote-ID=		Net-west
914#Flags=
915
916[Net-west]
917ID-type=		IPV4_ADDR_SUBNET
918Network=		192.168.1.0
919Netmask=		255.255.255.0
920
921[Net-east]
922ID-type=		IPV4_ADDR_SUBNET
923Network=		192.168.2.0
924Netmask=		255.255.255.0
925
926# Quick mode descriptions
927
928[Default-quick-mode]
929EXCHANGE_TYPE=		QUICK_MODE
930Suites=			QM-ESP-3DES-SHA-PFS-SUITE,QM-ESP-AES-SHA-PFS-SUITE
931
932# Data for an IKE mode-config peer
933[asn1_dn//C=SE/L=SomeCity/O=SomeCompany/CN=SomePeer.company.com]
934Address=		192.168.1.123
935Netmask=		255.255.255.0
936Nameserver=		192.168.1.10
937WINS-server=		192.168.1.11
938
939# pre-shared key based on initiator's phase 1 ID
940[foo.bar.org]
941Authentication=		mekmitasdigoat
942
943#
944# #####################################################################
945# All configuration data below this point is not required as the example
946# uses the predefined Main Mode transform and Quick Mode suite names.
947# It is included here for completeness.  Note the default values for the
948# [General] and [X509-certificates] sections just below.
949# #####################################################################
950#
951
952[General]
953Policy-file=		/etc/isakmpd/isakmpd.policy
954Retransmits=		3
955Exchange-max-time=	120
956
957# KeyNote credential storage
958[KeyNote]
959Credential-directory=	/etc/isakmpd/keynote/
960
961# Certificates stored in PEM format
962[X509-certificates]
963CA-directory=           /etc/isakmpd/ca/
964Cert-directory=         /etc/isakmpd/certs/
965CRL-directory=		/etc/isakmpd/crls/
966Private-key=		/etc/isakmpd/private/local.key
967
968# Default phase 1 description (Main Mode)
969
970[Default-phase-1-configuration]
971EXCHANGE_TYPE=		ID_PROT
972Transforms=		3DES-SHA
973
974# Main mode transforms
975######################
976
977# DES
978
979[DES-MD5]
980ENCRYPTION_ALGORITHM=	DES_CBC
981HASH_ALGORITHM=		MD5
982AUTHENTICATION_METHOD=	PRE_SHARED
983GROUP_DESCRIPTION=	MODP_1024
984Life=			Default-phase-1-lifetime
985
986[DES-SHA]
987ENCRYPTION_ALGORITHM=	DES_CBC
988HASH_ALGORITHM=		SHA
989AUTHENTICATION_METHOD=	PRE_SHARED
990GROUP_DESCRIPTION=	MODP_1024
991Life=			Default-phase-1-lifetime
992
993# 3DES
994
995[3DES-SHA]
996ENCRYPTION_ALGORITHM=	3DES_CBC
997HASH_ALGORITHM=		SHA
998AUTHENTICATION_METHOD=	PRE_SHARED
999GROUP_DESCRIPTION=	MODP_1024
1000Life=			Default-phase-1-lifetime
1001
1002# Blowfish
1003
1004[BLF-SHA]
1005ENCRYPTION_ALGORITHM=	BLOWFISH_CBC
1006KEY_LENGTH=		128,96:192
1007HASH_ALGORITHM=		SHA
1008AUTHENTICATION_METHOD=	PRE_SHARED
1009GROUP_DESCRIPTION=	MODP_1024
1010Life=			Default-phase-1-lifetime
1011
1012# Blowfish, using DH group 4 (non-default)
1013[BLF-SHA-EC185]
1014ENCRYPTION_ALGORITHM=	BLOWFISH_CBC
1015KEY_LENGTH=		128,96:192
1016HASH_ALGORITHM=		SHA
1017AUTHENTICATION_METHOD=	PRE_SHARED
1018GROUP_DESCRIPTION=	EC2N_185
1019Life=			Default-phase-1-lifetime
1020
1021# Quick mode protection suites
1022##############################
1023
1024# DES
1025
1026[QM-ESP-DES-SUITE]
1027Protocols=		QM-ESP-DES
1028
1029[QM-ESP-DES-PFS-SUITE]
1030Protocols=		QM-ESP-DES-PFS
1031
1032[QM-ESP-DES-MD5-SUITE]
1033Protocols=		QM-ESP-DES-MD5
1034
1035[QM-ESP-DES-MD5-PFS-SUITE]
1036Protocols=		QM-ESP-DES-MD5-PFS
1037
1038[QM-ESP-DES-SHA-SUITE]
1039Protocols=		QM-ESP-DES-SHA
1040
1041[QM-ESP-DES-SHA-PFS-SUITE]
1042Protocols=		QM-ESP-DES-SHA-PFS
1043
1044# 3DES
1045
1046[QM-ESP-3DES-SHA-SUITE]
1047Protocols=		QM-ESP-3DES-SHA
1048
1049[QM-ESP-3DES-SHA-PFS-SUITE]
1050Protocols=		QM-ESP-3DES-SHA-PFS
1051
1052# AES
1053
1054[QM-ESP-AES-SHA-SUITE]
1055Protocols=              QM-ESP-AES-SHA
1056
1057[QM-ESP-AES-SHA-PFS-SUITE]
1058Protocols=              QM-ESP-AES-SHA-PFS
1059
1060# AH
1061
1062[QM-AH-MD5-SUITE]
1063Protocols=		QM-AH-MD5
1064
1065[QM-AH-MD5-PFS-SUITE]
1066Protocols=		QM-AH-MD5-PFS
1067
1068# AH + ESP (non-default)
1069
1070[QM-AH-MD5-ESP-DES-SUITE]
1071Protocols=		QM-AH-MD5,QM-ESP-DES
1072
1073[QM-AH-MD5-ESP-DES-MD5-SUITE]
1074Protocols=		QM-AH-MD5,QM-ESP-DES-MD5
1075
1076[QM-ESP-DES-MD5-AH-MD5-SUITE]
1077Protocols=		QM-ESP-DES-MD5,QM-AH-MD5
1078
1079# Quick mode protocols
1080
1081# DES
1082
1083[QM-ESP-DES]
1084PROTOCOL_ID=		IPSEC_ESP
1085Transforms=		QM-ESP-DES-XF
1086
1087[QM-ESP-DES-MD5]
1088PROTOCOL_ID=		IPSEC_ESP
1089Transforms=		QM-ESP-DES-MD5-XF
1090
1091[QM-ESP-DES-MD5-PFS]
1092PROTOCOL_ID=		IPSEC_ESP
1093Transforms=		QM-ESP-DES-MD5-PFS-XF
1094
1095[QM-ESP-DES-SHA]
1096PROTOCOL_ID=		IPSEC_ESP
1097Transforms=		QM-ESP-DES-SHA-XF
1098
1099# 3DES
1100
1101[QM-ESP-3DES-SHA]
1102PROTOCOL_ID=		IPSEC_ESP
1103Transforms=		QM-ESP-3DES-SHA-XF
1104
1105[QM-ESP-3DES-SHA-PFS]
1106PROTOCOL_ID=		IPSEC_ESP
1107Transforms=		QM-ESP-3DES-SHA-PFS-XF
1108
1109[QM-ESP-3DES-SHA-TRP]
1110PROTOCOL_ID=		IPSEC_ESP
1111Transforms=		QM-ESP-3DES-SHA-TRP-XF
1112
1113# AES
1114
1115[QM-ESP-AES-SHA]
1116PROTOCOL_ID=		IPSEC_ESP
1117Transforms=		QM-ESP-AES-SHA-XF
1118
1119[QM-ESP-AES-SHA-PFS]
1120PROTOCOL_ID=		IPSEC_ESP
1121Transforms=		QM-ESP-AES-SHA-PFS-XF
1122
1123[QM-ESP-AES-SHA-TRP]
1124PROTOCOL_ID=		IPSEC_ESP
1125Transforms=		QM-ESP-AES-SHA-TRP-XF
1126
1127# AH MD5
1128
1129[QM-AH-MD5]
1130PROTOCOL_ID=		IPSEC_AH
1131Transforms=		QM-AH-MD5-XF
1132
1133[QM-AH-MD5-PFS]
1134PROTOCOL_ID=		IPSEC_AH
1135Transforms=		QM-AH-MD5-PFS-XF
1136
1137# Quick mode transforms
1138
1139# ESP DES+MD5
1140
1141[QM-ESP-DES-XF]
1142TRANSFORM_ID=		DES
1143ENCAPSULATION_MODE=	TUNNEL
1144Life=			Default-phase-2-lifetime
1145
1146[QM-ESP-DES-MD5-XF]
1147TRANSFORM_ID=		DES
1148ENCAPSULATION_MODE=	TUNNEL
1149AUTHENTICATION_ALGORITHM=	HMAC_MD5
1150Life=			Default-phase-2-lifetime
1151
1152[QM-ESP-DES-MD5-PFS-XF]
1153TRANSFORM_ID=		DES
1154ENCAPSULATION_MODE=	TUNNEL
1155GROUP_DESCRIPTION=	MODP_1024
1156AUTHENTICATION_ALGORITHM=	HMAC_MD5
1157Life=			Default-phase-2-lifetime
1158
1159[QM-ESP-DES-SHA-XF]
1160TRANSFORM_ID=		DES
1161ENCAPSULATION_MODE=	TUNNEL
1162AUTHENTICATION_ALGORITHM=	HMAC_SHA
1163Life=			Default-phase-2-lifetime
1164
1165# 3DES
1166
1167[QM-ESP-3DES-SHA-XF]
1168TRANSFORM_ID=		3DES
1169ENCAPSULATION_MODE=	TUNNEL
1170AUTHENTICATION_ALGORITHM=	HMAC_SHA
1171Life=			Default-phase-2-lifetime
1172
1173[QM-ESP-3DES-SHA-PFS-XF]
1174TRANSFORM_ID=		3DES
1175ENCAPSULATION_MODE=	TUNNEL
1176AUTHENTICATION_ALGORITHM=	HMAC_SHA
1177GROUP_DESCRIPTION=	MODP_1024
1178Life=			Default-phase-2-lifetime
1179
1180[QM-ESP-3DES-SHA-TRP-XF]
1181TRANSFORM_ID=		3DES
1182ENCAPSULATION_MODE=	TRANSPORT
1183AUTHENTICATION_ALGORITHM=	HMAC_SHA
1184Life=			Default-phase-2-lifetime
1185
1186# AES
1187
1188[QM-ESP-AES-SHA-XF]
1189TRANSFORM_ID=		AES
1190ENCAPSULATION_MODE=	TUNNEL
1191AUTHENTICATION_ALGORITHM=	HMAC_SHA
1192Life=			Default-phase-2-lifetime
1193
1194[QM-ESP-AES-SHA-PFS-XF]
1195TRANSFORM_ID=		AES
1196ENCAPSULATION_MODE=	TUNNEL
1197AUTHENTICATION_ALGORITHM=	HMAC_SHA
1198GROUP_DESCRIPTION=	MODP_1024
1199Life=			Default-phase-2-lifetime
1200
1201[QM-ESP-AES-SHA-TRP-XF]
1202TRANSFORM_ID=		AES
1203ENCAPSULATION_MODE=	TRANSPORT
1204AUTHENTICATION_ALGORITHM=	HMAC_SHA
1205Life=			Default-phase-2-lifetime
1206
1207# AH
1208
1209[QM-AH-MD5-XF]
1210TRANSFORM_ID=		MD5
1211ENCAPSULATION_MODE=	TUNNEL
1212AUTHENTICATION_ALGORITHM=	HMAC_MD5
1213Life=			Default-phase-2-lifetime
1214
1215[QM-AH-MD5-PFS-XF]
1216TRANSFORM_ID=		MD5
1217ENCAPSULATION_MODE=	TUNNEL
1218GROUP_DESCRIPTION=	MODP_1024
1219Life=			Default-phase-2-lifetime
1220
1221[Sample-Life-Time]
1222LIFE_TYPE=		SECONDS
1223LIFE_DURATION=		3600,1800:7200
1224
1225[Sample-Life-Volume]
1226LIFE_TYPE=		KILOBYTES
1227LIFE_DURATION=		1000,768:1536
1228.Ed
1229.Sh SEE ALSO
1230.Xr keynote 1 ,
1231.Xr openssl 1 ,
1232.Xr ipsec 4 ,
1233.Xr keynote 4 ,
1234.Xr isakmpd.policy 5 ,
1235.Xr isakmpd 8 ,
1236.Xr vpn 8
1237.Sh CAVEATS
1238Using aggressive mode is discouraged due to various design problems.
1239If your peer only supports aggressive mode, please consider replacing that
1240peer with a sane ISAKMP/IKE implementation.
1241For details see
1242.Pa http://www.usenix.org/publications/login/1999-12/features/harmful.html .
1243.Sh BUGS
1244The RFCs do not permit differing DH groups in the same proposal for
1245aggressive and quick mode exchanges.
1246Mixing both PFS and non-PFS suites in a quick mode proposal is not possible,
1247as PFS implies using a DH group.
1248