]>
Commit | Line | Data |
---|---|---|
1 | .\" $NetBSD: racoon.conf.5,v 1.34.4.2 2007/07/18 22:53:03 mgrooms Exp $ | |
2 | .\" | |
3 | .\" Id: racoon.conf.5,v 1.54 2006/08/22 18:17:17 manubsd Exp | |
4 | .\" | |
5 | .\" Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. | |
6 | .\" All rights reserved. | |
7 | .\" | |
8 | .\" Redistribution and use in source and binary forms, with or without | |
9 | .\" modification, are permitted provided that the following conditions | |
10 | .\" are met: | |
11 | .\" 1. Redistributions of source code must retain the above copyright | |
12 | .\" notice, this list of conditions and the following disclaimer. | |
13 | .\" 2. Redistributions in binary form must reproduce the above copyright | |
14 | .\" notice, this list of conditions and the following disclaimer in the | |
15 | .\" documentation and/or other materials provided with the distribution. | |
16 | .\" 3. Neither the name of the project nor the names of its contributors | |
17 | .\" may be used to endorse or promote products derived from this software | |
18 | .\" without specific prior written permission. | |
19 | .\" | |
20 | .\" THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND | |
21 | .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE | |
22 | .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE | |
23 | .\" ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE | |
24 | .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL | |
25 | .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS | |
26 | .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
27 | .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT | |
28 | .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY | |
29 | .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF | |
30 | .\" SUCH DAMAGE. | |
31 | .\" | |
32 | .Dd September 19, 2006 | |
33 | .Dt RACOON.CONF 5 | |
34 | .Os | |
35 | .\" | |
36 | .Sh NAME | |
37 | .Nm racoon.conf | |
38 | .Nd configuration file for racoon | |
39 | .\" | |
40 | .\" .Sh SYNOPSIS | |
41 | .\" | |
42 | .Sh DESCRIPTION | |
43 | .Nm | |
44 | is the configuration file for the | |
45 | .Xr racoon 8 | |
46 | ISAKMP daemon. | |
47 | .Xr racoon 8 | |
48 | negotiates security associations for itself (ISAKMP SA, or phase 1 SA) | |
49 | and for kernel IPsec (IPsec SA, or phase 2 SA). | |
50 | The file consists of a sequence of directives and statements. | |
51 | Each directive is composed by a tag and statements, enclosed by | |
52 | .Ql { | |
53 | and | |
54 | .Ql } . | |
55 | Lines beginning with | |
56 | .Ql # | |
57 | are comments. | |
58 | .\" | |
59 | .Ss Meta Syntax | |
60 | Keywords and special characters that the parser expects exactly are | |
61 | displayed using | |
62 | .Ic this | |
63 | font. | |
64 | Parameters are specified with | |
65 | .Ar this | |
66 | font. | |
67 | Square brackets | |
68 | .Po | |
69 | .Ql \&[ | |
70 | and | |
71 | .Ql \&] | |
72 | .Pc | |
73 | are used to show optional keywords and parameters. | |
74 | Note that | |
75 | you have to pay attention when this manual is describing | |
76 | .Ar port | |
77 | numbers. | |
78 | The | |
79 | .Ar port | |
80 | number is always enclosed by | |
81 | .Ql \&[ | |
82 | and | |
83 | .Ql \&] . | |
84 | In this case, the port number is not an optional keyword. | |
85 | If it is possible to omit the | |
86 | .Ar port | |
87 | number, | |
88 | the expression becomes | |
89 | .Bq Bq Ar port . | |
90 | The vertical bar | |
91 | .Pq Ql \&| | |
92 | is used to indicate | |
93 | a choice between optional parameters. | |
94 | Parentheses | |
95 | .Po | |
96 | .Ql \&( | |
97 | and | |
98 | .Ql \&) | |
99 | .Pc | |
100 | are used to group keywords and parameters when necessary. | |
101 | Major parameters are listed below. | |
102 | .Pp | |
103 | .Bl -tag -width addressx -compact | |
104 | .It Ar number | |
105 | means a hexadecimal or a decimal number. | |
106 | The former must be prefixed with | |
107 | .Ql Li 0x . | |
108 | .It Ar string | |
109 | .It Ar path | |
110 | .It Ar file | |
111 | means any string enclosed in | |
112 | .Ql \&" | |
113 | .Pq double quotes . | |
114 | .It Ar address | |
115 | means IPv6 and/or IPv4 address. | |
116 | .It Ar port | |
117 | means a TCP/UDP port number. | |
118 | The port number is always enclosed by | |
119 | .Ql \&[ | |
120 | and | |
121 | .Ql \&] . | |
122 | .It Ar timeunit | |
123 | is one of following: | |
124 | .Ic sec , secs , second , seconds , | |
125 | .Ic min , mins , minute , minutes , | |
126 | .Ic hour , hours . | |
127 | .El | |
128 | .\" | |
129 | .Ss Privilege separation | |
130 | .Bl -tag -width Ds -compact | |
131 | .It Ic privsep { Ar statements Ic } | |
132 | Specifies privilege separation parameters. | |
133 | When enabled, these enable | |
134 | .Xr racoon 8 | |
135 | to operate with an unprivileged instance doing most of the work, while | |
136 | a privileged instance takes care of performing the following operations | |
137 | as root: reading PSK and private keys, launching hook scripts, and | |
138 | validating passwords against system databases or against PAM. | |
139 | Please note that using privilege separation makes changes to the | |
140 | .Ar listen | |
141 | and | |
142 | .Ar paths | |
143 | sections ignored upon configuration reloads. | |
144 | A | |
145 | .Xr racoon 8 | |
146 | restart is required if you want such changes to be taken into account. | |
147 | .Pp | |
148 | .Bl -tag -width Ds -compact | |
149 | .It Ic user Ar user ; | |
150 | The user to which the unprivileged instance of | |
151 | .Xr racoon 8 , | |
152 | should switch. | |
153 | This can be a quoted user name or a numeric UID. | |
154 | .It Ic group Ar group ; | |
155 | The group the unprivilegied instance of | |
156 | .Xr racoon 8 , | |
157 | should switch. | |
158 | This can be a quoted group name or a numeric GID. | |
159 | .It Ic chroot Ar path ; | |
160 | A directory to which the unprivileged instance of | |
161 | .Xr racoon 8 | |
162 | should | |
163 | .Xr chroot 2 . | |
164 | This directory should hold a tree where the following files must be | |
165 | reachable: | |
166 | .Bl -tag -width Ds -compact | |
167 | .It Pa /dev/random | |
168 | .It Pa /dev/urandom | |
169 | .It The certificates | |
170 | .It The file containing the Xauth banner | |
171 | .El | |
172 | .Pp | |
173 | The PSK file, the private keys, and the hook scripts are accessed through the | |
174 | privileged instance of | |
175 | .Xr racoon 8 | |
176 | and do not need to be reachable in the | |
177 | .Xr chroot 2 Ap ed | |
178 | tree. | |
179 | .El | |
180 | .El | |
181 | .Ss Path Specification | |
182 | This section specifies various paths used by racoon. | |
183 | When running in privilege separation mode, | |
184 | .Ic certificate | |
185 | and | |
186 | .Ic script | |
187 | paths are mandatory. A | |
188 | .Xr racoon 8 | |
189 | restart is required if you want path changes to be taken into account. | |
190 | .Bl -tag -width Ds -compact | |
191 | .It Ic path include Ar path ; | |
192 | Specifies a path to include a file. | |
193 | See | |
194 | .Sx File Inclusion . | |
195 | .It Ic path pre_shared_key Ar file ; | |
196 | Specifies a file containing pre-shared key(s) for various ID(s). | |
197 | See | |
198 | .Sx Pre-shared key File . | |
199 | .It Ic path certificate Ar path ; | |
200 | .Xr racoon 8 | |
201 | will search this directory if a certificate or certificate request is received. | |
202 | If you run with privilege separation, | |
203 | .Xr racoon 8 | |
204 | will refuse to use a certificate stored outside of this directory. | |
205 | .It Ic path backupsa Ar file ; | |
206 | Specifies a file to which SA information negotiated by | |
207 | racoon should be stored. | |
208 | .Xr racoon 8 | |
209 | will install SA(s) from the file when started with the | |
210 | .Fl B | |
211 | flag. | |
212 | The file is growing because | |
213 | .Xr racoon 8 | |
214 | simply adds SAs to it. | |
215 | You should maintain the file manually. | |
216 | .It Ic path script Ar path ; | |
217 | .Xr racoon 8 | |
218 | will search this directory for scripts hooks. | |
219 | If you run with privilege separation, | |
220 | .Xr racoon 8 | |
221 | will refuse to execute a script stored outside of this directory. | |
222 | .It Ic path pidfile Ar file ; | |
223 | Specifies file where to store PID of process. | |
224 | If path starts with | |
225 | .Pa / | |
226 | it is treated as an absolute path. Otherwise, it is treated as a relative | |
227 | path to the VARRUN directory specified at compilation time. | |
228 | Default is | |
229 | .Pa racoon.pid . | |
230 | .El | |
231 | .\" | |
232 | .Ss File Inclusion | |
233 | .Bl -tag -width Ds -compact | |
234 | .It Ic include Ar file | |
235 | Specifies other configuration files to be included. | |
236 | .El | |
237 | .\" | |
238 | .Ss Identifier Specification | |
239 | is obsolete. | |
240 | It must be defined at each | |
241 | .Ic remote | |
242 | directive. | |
243 | .\" | |
244 | .Ss Timer Specification | |
245 | .Bl -tag -width Ds -compact | |
246 | .It Ic timer { Ar statements Ic } | |
247 | This section specifies various timer values used by racoon. | |
248 | .Pp | |
249 | .Bl -tag -width Ds -compact | |
250 | .It Ic counter Ar number ; | |
251 | The maximum number of retries to send. | |
252 | The default is 5. | |
253 | .It Ic interval Ar number Ar timeunit ; | |
254 | The interval to resend, in seconds. | |
255 | The default time is 10 seconds. | |
256 | .It Ic persend Ar number ; | |
257 | The number of packets per send. | |
258 | The default is 1. | |
259 | .It Ic phase1 Ar number Ar timeunit ; | |
260 | The maximum time it should take to complete phase 1. | |
261 | The default time is 15 seconds. | |
262 | .It Ic phase2 Ar number Ar timeunit ; | |
263 | The maximum time it should take to complete phase 2. | |
264 | The default time is 10 seconds. | |
265 | .It Ic natt_keepalive Ar number Ar timeunit ; | |
266 | The interval between sending NAT-Traversal keep-alive packets. | |
267 | The default time is 20 seconds. | |
268 | Set to 0s to disable keep-alive packets. | |
269 | .El | |
270 | .El | |
271 | .\" | |
272 | .Ss Listening Port Specification | |
273 | .Bl -tag -width Ds -compact | |
274 | .It Ic listen { Ar statements Ic } | |
275 | If no | |
276 | .Ar listen | |
277 | directive is specified, | |
278 | .Xr racoon 8 | |
279 | will listen on all available interface addresses. | |
280 | The following is the list of valid statements: | |
281 | .Pp | |
282 | .Bl -tag -width Ds -compact | |
283 | .\" How do I express bold brackets; `[' and `]' . | |
284 | .\" Answer: For bold brackets, do "Ic \&[ foo \&]". | |
285 | .\" Is the "Bq Ic [ Ar port ] ;" buggy ? | |
286 | .It Ic isakmp Ar address Bq Bq Ar port ; | |
287 | If this is specified, | |
288 | .Xr racoon 8 | |
289 | will only listen on the defined | |
290 | .Ar address . | |
291 | The default port is 500, which is specified by IANA. | |
292 | You can provide more than one address definition. | |
293 | .It Ic isakmp_natt Ar address Bq Ar port ; | |
294 | Same as | |
295 | .Ic isakmp | |
296 | but also sets the socket options to accept UDP-encapsulated ESP traffic for | |
297 | NAT-Traversal. | |
298 | If you plan to use NAT-T, you should provide at least one address | |
299 | with port 4500, which is specified by IANA. | |
300 | There is no default. | |
301 | .It Ic strict_address ; | |
302 | Requires that all addresses for ISAKMP be bound. | |
303 | This statement will be ignored if you do not specify address definitions. | |
304 | .El | |
305 | When running in privilege separation mode, you need to restart | |
306 | .Xr racoon 8 | |
307 | to have changes to the | |
308 | .Ar listen | |
309 | section taken into account. | |
310 | .Pp | |
311 | The | |
312 | .Ar listen | |
313 | section can also be used to specify the admin socket mode and ownership | |
314 | if racoon was built with support for admin port. | |
315 | .Bl -tag -width Ds -compact | |
316 | .It Ic adminsock Ar path Op Ar owner\ group\ mode ; | |
317 | The | |
318 | .Ar path , | |
319 | .Ar owner , | |
320 | and | |
321 | .Ar group | |
322 | values specify the socket path, owner, and group. They must be quoted. | |
323 | The defaults are | |
324 | .Pa /var/racoon/racoon.sock , | |
325 | UID 0, and GID 0. | |
326 | .Ar mode | |
327 | is the access mode in octal. The default is 0600. | |
328 | .It Ic adminsock disabled ; | |
329 | This directive tells racoon to not listen on the admin socket. | |
330 | .El | |
331 | .El | |
332 | .\" | |
333 | .Ss Miscellaneous Global Parameters | |
334 | .Bl -tag -width Ds -compact | |
335 | .It Ic gss_id_enc Ar enctype ; | |
336 | Older versions of | |
337 | .Xr racoon 8 | |
338 | used ISO-Latin-1 as the encoding of the GSS-API identifier attribute. | |
339 | For interoperability with Microsoft Windows' GSS-API authentication | |
340 | scheme, the default encoding has been changed to UTF-16LE. | |
341 | The | |
342 | .Ic gss_id_enc | |
343 | parameter allows | |
344 | .Xr racoon 8 | |
345 | to be configured to use the old encoding for compatibility with existing | |
346 | .Xr racoon 8 | |
347 | installations. | |
348 | The following are valid values for | |
349 | .Ar enctype : | |
350 | .Pp | |
351 | .Bl -tag -width Ds -compact | |
352 | .It Ic utf-16le | |
353 | Use UTF-16LE to encode the GSS-API identifier attribute. | |
354 | This is the default encoding. | |
355 | This encoding is compatible with Microsoft Windows. | |
356 | .It Ic latin1 | |
357 | Use ISO-Latin-1 to encode the GSS-API identifier attribute. | |
358 | This is the encoding used by older versions of | |
359 | .Xr racoon 8 . | |
360 | .El | |
361 | .El | |
362 | .\" | |
363 | .Ss Remote Nodes Specifications | |
364 | .Bl -tag -width Ds -compact | |
365 | .It Xo | |
366 | .Ic remote ( Ar address | Ic anonymous ) | |
367 | .Bq Bq Ar port | |
368 | .Bq Ic inherit Ar parent | |
369 | .Ic { Ar statements Ic } | |
370 | .Xc | |
371 | Specifies the IKE phase 1 parameters for each remote node. | |
372 | The default port is 500. | |
373 | If | |
374 | .Ic anonymous | |
375 | is specified, the statements will apply to any peer that does not match a | |
376 | more specific | |
377 | .Ic remote | |
378 | directive. | |
379 | .Pp | |
380 | Sections with | |
381 | .Ic inherit Ar parent | |
382 | statements (where | |
383 | .Ar parent | |
384 | is either | |
385 | .Ar address | |
386 | or a keyword | |
387 | .Ic anonymous ) | |
388 | that have all values predefined to those of a given | |
389 | .Ar parent . | |
390 | In these sections it is enough to redefine only the changed parameters. | |
391 | .Pp | |
392 | The following are valid statements. | |
393 | .Pp | |
394 | .Bl -tag -width Ds -compact | |
395 | .\" | |
396 | .It Ic exchange_mode ( main | aggressive | base ) ; | |
397 | Defines the exchange mode for phase 1 when racoon is the initiator. | |
398 | It also means the acceptable exchange mode when racoon is the responder. | |
399 | More than one mode can be specified by separating them with a comma. | |
400 | All of the modes are acceptable. | |
401 | The first exchange mode is what racoon uses when it is the initiator. | |
402 | .\" | |
403 | .It Ic doi Ic ipsec_doi ; | |
404 | Means to use IPsec DOI as specified in RFC 2407. | |
405 | You can omit this statement. | |
406 | .\" | |
407 | .It Ic situation Ic identity_only ; | |
408 | Means to use SIT_IDENTITY_ONLY as specified in RFC 2407. | |
409 | You can omit this statement. | |
410 | .\" | |
411 | .It Ic identifier Ar idtype ; | |
412 | This statment is obsolete. Instead, use | |
413 | .Ic my_identifier . | |
414 | .\" | |
415 | .It Xo | |
416 | .Ic my_identifier Bq Ar qualifier | |
417 | .Ar idtype ... ; | |
418 | .Xc | |
419 | Specifies the identifier sent to the remote host | |
420 | and the type to use in the phase 1 negotiation. | |
421 | .Ic address, fqdn , user_fqdn , keyid , | |
422 | and | |
423 | .Ic asn1dn | |
424 | can be used as an | |
425 | .Ar idtype . | |
426 | The | |
427 | .Ar qualifier | |
428 | is currently only used for | |
429 | .Ic keyid , | |
430 | and can be either | |
431 | .Ic file | |
432 | or | |
433 | .Ic tag . | |
434 | The possible values are : | |
435 | .Bl -tag -width Ds -compact | |
436 | .It Ic my_identifier Ic address Bq Ar address ; | |
437 | The type is the IP address. | |
438 | This is the default type if you do not specify an identifier to use. | |
439 | .It Ic my_identifier Ic user_fqdn Ar string ; | |
440 | The type is a USER_FQDN (user fully-qualified domain name). | |
441 | .It Ic my_identifier Ic fqdn Ar string ; | |
442 | The type is a FQDN (fully-qualified domain name). | |
443 | .It Xo | |
444 | .Ic my_identifier Ic keyid Bq Ic file | |
445 | .Ar file ; | |
446 | .Xc | |
447 | The type is a KEY_ID, read from the file. | |
448 | .It Ic my_identifier Ic keyid Ic tag Ar string ; | |
449 | The type is a KEY_ID, specified in the quoted string. | |
450 | .It Ic my_identifier Ic asn1dn Bq Ar string ; | |
451 | The type is an ASN.1 distinguished name. | |
452 | If | |
453 | .Ar string | |
454 | is omitted, | |
455 | .Xr racoon 8 | |
456 | will get the DN from the Subject field in the certificate. | |
457 | .El | |
458 | .\" | |
459 | .It Ic xauth_login Bq Ar string ; | |
460 | Specifies the login to use in client-side Hybrid authentication. | |
461 | It is available only if | |
462 | .Xr racoon 8 | |
463 | has been built with this option. | |
464 | The associated password is looked up in the pre-shared key files, | |
465 | using the login | |
466 | .Ic string | |
467 | as the key id. | |
468 | .\" | |
469 | .It Ic peers_identifier Ar idtype ... ; | |
470 | Specifies the peer's identifier to be received. | |
471 | If it is not defined then | |
472 | .Xr racoon 8 | |
473 | will not verify the peer's identifier in ID payload transmitted from the peer. | |
474 | If it is defined, the behavior of the verification depends on the flag of | |
475 | .Ic verify_identifier . | |
476 | The usage of | |
477 | .Ar idtype | |
478 | is the same as | |
479 | .Ic my_identifier | |
480 | except that the individual component values of an | |
481 | .Ic asn1dn | |
482 | identifier may specified as | |
483 | .Ic * | |
484 | to match any value (e.g. "C=XX, O=MyOrg, OU=*, CN=Mine"). | |
485 | Alternative acceptable peer identifiers may be specified by repeating the | |
486 | .Ic peers_identifier | |
487 | statement. | |
488 | .\" | |
489 | .It Ic verify_identifier (on | off) ; | |
490 | If you want to verify the peer's identifier, | |
491 | set this to on. | |
492 | In this case, if the value defined by | |
493 | .Ic peers_identifier | |
494 | is not the same as the peer's identifier in the ID payload, | |
495 | the negotiation will fail. | |
496 | The default is off. | |
497 | .\" | |
498 | .It Ic certificate_type Ar certspec ; | |
499 | Specifies a certificate specification. | |
500 | .Ar certspec | |
501 | is one of followings: | |
502 | .Bl -tag -width Ds -compact | |
503 | .It Ic x509 Ar certfile Ar privkeyfile ; | |
504 | .Ar certfile | |
505 | means a file name of a certificate. | |
506 | .Ar privkeyfile | |
507 | means a file name of a secret key. | |
508 | .El | |
509 | .Bl -tag -width Ds -compact | |
510 | .It Ic plain_rsa Ar privkeyfile ; | |
511 | .Ar privkeyfile | |
512 | means a file name of a private key generated by plainrsa-gen(8). Required | |
513 | for RSA authentication. | |
514 | .El | |
515 | .It Ic ca_type Ar cacertspec ; | |
516 | Specifies a root certificate authority specification. | |
517 | .Ar cacertspec | |
518 | is one of followings: | |
519 | .Bl -tag -width Ds -compact | |
520 | .It Ic x509 Ar cacertfile ; | |
521 | .Ar cacertfile | |
522 | means a file name of the root certificate authority. | |
523 | Default is | |
524 | .Pa /etc/openssl/cert.pem | |
525 | .El | |
526 | .\" | |
527 | .It Ic mode_cfg (on | off) ; | |
528 | Gather network information through ISAKMP mode configuration. | |
529 | Default is off. | |
530 | .\" | |
531 | .It Ic weak_phase1_check (on | off) ; | |
532 | Tells racoon to act on unencrypted deletion messages during phase 1. | |
533 | This is a small security risk, so the default is off, meaning that | |
534 | racoon will keep on trying to establish a connection even if the | |
535 | user credentials are wrong, for instance. | |
536 | .\" | |
537 | .It Ic peers_certfile ( dnssec | Ar certfile | Ic plain_rsa Ar pubkeyfile ) ; | |
538 | If | |
539 | .Ic dnssec | |
540 | is defined, | |
541 | .Xr racoon 8 | |
542 | will ignore the CERT payload from the peer, | |
543 | and try to get the peer's certificate from DNS instead. | |
544 | If | |
545 | .Ar certfile | |
546 | is defined, | |
547 | .Xr racoon 8 | |
548 | will ignore the CERT payload from the peer, | |
549 | and will use this certificate as the peer's certificate. | |
550 | If | |
551 | .Ic plain_rsa | |
552 | is defined, | |
553 | .Xr racoon 8 | |
554 | will expect | |
555 | .Ar pubkeyfile | |
556 | to be the peer's public key that was generated | |
557 | by plainrsa-gen(8). | |
558 | .\" | |
559 | .It Ic script Ar script Ic phase1_up | |
560 | .It Ic script Ar script Ic phase1_down | |
561 | Shell scripts that get executed when a phase 1 SA goes up or down. | |
562 | Both scripts get either | |
563 | .Ic phase1_up | |
564 | or | |
565 | .Ic phase1_down | |
566 | as first argument, and the following | |
567 | variables are set in their environment: | |
568 | .Bl -tag -width Ds -compact | |
569 | .It Ev LOCAL_ADDR | |
570 | The local address of the phase 1 SA. | |
571 | .It Ev LOCAL_PORT | |
572 | The local port used for IKE for the phase 1 SA. | |
573 | .It Ev REMOTE_ADDR | |
574 | The remote address of the phase 1 SA. | |
575 | .It Ev REMOTE_PORT | |
576 | The remote port used for IKE for the phase 1 SA. | |
577 | .El | |
578 | The following variables are only set if | |
579 | .Ic mode_cfg | |
580 | was enabled: | |
581 | .Bl -tag -width Ds -compact | |
582 | .It INTERNAL_ADDR4 | |
583 | An IPv4 internal address obtained by ISAKMP mode config. | |
584 | .It INTERNAL_NETMASK4 | |
585 | An IPv4 internal netmask obtained by ISAKMP mode config. | |
586 | .It INTERNAL_CIDR4 | |
587 | An IPv4 internal netmask obtained by ISAKMP mode config, in CIDR notation. | |
588 | .It INTERNAL_DNS4 | |
589 | The first internal DNS server IPv4 address obtained by ISAKMP mode config. | |
590 | .It INTERNAL_DNS4_LIST | |
591 | A list of internal DNS servers IPv4 address obtained by ISAKMP mode config, | |
592 | separated by spaces. | |
593 | .It INTERNAL_WINS4 | |
594 | The first internal WINS server IPv4 address obtained by ISAKMP mode config. | |
595 | .It INTERNAL_WINS4_LIST | |
596 | A list of internal WINS servers IPv4 address obtained by ISAKMP mode config, | |
597 | separated by spaces. | |
598 | .It SPLIT_INCLUDE | |
599 | The space separated list of IPv4 addresses and masks (address slash mask) | |
600 | that define the networks to be encrypted (as opposed to the default where | |
601 | all the traffic should be encrypted) ; obtained by ISAKMP mode config ; | |
602 | SPLIT_INCLUDE and SPLIT_LOCAL are mutually exclusive. | |
603 | .It SPLIT_LOCAL | |
604 | The space separated list of IPv4 addresses and masks (address slash mask) | |
605 | that define the networks to be considered local, and thus excluded from the | |
606 | tunnels ; obtained by ISAKMP mode config. | |
607 | .It DEFAULT_DOMAIN | |
608 | The DNS default domain name obtained by ISAKMP mode config. | |
609 | .El | |
610 | .\" | |
611 | .\" | |
612 | .It Ic send_cert (on | off) ; | |
613 | If you do not want to send a certificate, set this to off. | |
614 | The default is on. | |
615 | .\" | |
616 | .It Ic send_cr (on | off) ; | |
617 | If you do not want to send a certificate request, set this to off. | |
618 | The default is on. | |
619 | .\" | |
620 | .It Ic verify_cert (on | off) ; | |
621 | By default, the identifier sent by the remote host (as specified in its | |
622 | .Ic my_identifier | |
623 | statement) is compared with the credentials in the certificate | |
624 | used to authenticate the remote host as follows: | |
625 | .Bl -tag -width Ds -compact | |
626 | .It Type Ic asn1dn: | |
627 | The entire certificate subject name is compared with the identifier, | |
628 | e.g. "C=XX, O=YY, ...". | |
629 | .It Type Ic address, fqdn, or user_fqdn: | |
630 | The certificate's subjectAltName is compared with the identifier. | |
631 | .El | |
632 | If the two do not match the negotiation will fail. | |
633 | If you do not want to verify the identifier using the peer's certificate, | |
634 | set this to off. | |
635 | .\" | |
636 | .It Ic lifetime time Ar number Ar timeunit ; | |
637 | Define a lifetime of a certain time | |
638 | which will be proposed in the phase 1 negotiations. | |
639 | Any proposal will be accepted, and the attribute(s) will not be proposed to | |
640 | the peer if you do not specify it (them). | |
641 | They can be individually specified in each proposal. | |
642 | .\" | |
643 | .It Ic ike_frag (on | off | force) ; | |
644 | Enable receiver-side IKE fragmentation if | |
645 | .Xr racoon 8 | |
646 | has been built with this feature. | |
647 | If set to on, racoon will advertise | |
648 | itself as being capable of receiving packets split by IKE fragmentation. | |
649 | This extension is there to work around broken firewalls that do not | |
650 | work with fragmented UDP packets. | |
651 | IKE fragmentation is always enabled on the sender-side, and it is | |
652 | used if the peer advertises itself as IKE fragmentation capable. | |
653 | By selecting force, IKE Fragmentation will | |
654 | be used when racoon is acting as the initiator even before the remote | |
655 | peer has advertised itself as IKE fragmentation capable. | |
656 | .\" | |
657 | .It Ic esp_frag Ar fraglen ; | |
658 | This option is only relevant if you use NAT traversal in tunnel mode. | |
659 | Its purpose is to work around broken DSL routers that reject UDP | |
660 | fragments, by fragmenting the IP packets before ESP encapsulation. | |
661 | The result is ESP over UDP of fragmented packets instead of fragmented | |
662 | ESP over UDP packets (i.e., IP:UDP:ESP:frag(IP) instead of | |
663 | frag(IP:UDP:ESP:IP)). | |
664 | .Ar fraglen | |
665 | is the maximum size of the fragments. | |
666 | 552 should work anywhere, | |
667 | but the higher | |
668 | .Ar fraglen | |
669 | is, the better the performance. | |
670 | .Pp | |
671 | Note that because PMTU discovery is broken on many sites, you will | |
672 | have to use MSS clamping if you want TCP to work correctly. | |
673 | .\" | |
674 | .It Ic initial_contact (on | off) ; | |
675 | Enable this to send an INITIAL-CONTACT message. | |
676 | The default value is | |
677 | .Ic on . | |
678 | This message is useful only when the responder implementation chooses an | |
679 | old SA when there are multiple SAs with different established time and the | |
680 | initiator reboots. | |
681 | If racoon did not send the message, | |
682 | the responder would use an old SA even when a new SA was established. | |
683 | For systems that use a KAME derived IPSEC stack, the | |
684 | .Xr sysctl 8 | |
685 | variable net.key.preferred_oldsa can be used to control this preference. | |
686 | When the value is zero, the stack always uses a new SA. | |
687 | .\" | |
688 | .It Ic passive (on | off) ; | |
689 | If you do not want to initiate the negotiation, set this to on. | |
690 | The default value is | |
691 | .Ic off . | |
692 | It is useful for a server. | |
693 | .\" | |
694 | .It Ic proposal_check Ar level ; | |
695 | Specifies the action of lifetime length, key length and PFS of the phase 2 | |
696 | selection on the responder side, and the action of lifetime check in | |
697 | phase 1. | |
698 | The default level is | |
699 | .Ic strict . | |
700 | If the | |
701 | .Ar level | |
702 | is: | |
703 | .Bl -tag -width Ds -compact | |
704 | .It Ic obey | |
705 | The responder will obey the initiator anytime. | |
706 | .It Ic strict | |
707 | If the responder's lifetime length is longer than the initiator's or | |
708 | the responder's key length is shorter than the initiator's, | |
709 | the responder will use the initiator's value. | |
710 | Otherwise, the proposal will be rejected. | |
711 | If PFS is not required by the responder, the responder will obey the proposal. | |
712 | If PFS is required by both sides and the responder's group is not equal to | |
713 | the initiator's, then the responder will reject the proposal. | |
714 | .It Ic claim | |
715 | If the responder's lifetime length is longer than the initiator's or | |
716 | the responder's key length is shorter than the initiator's, | |
717 | the responder will use the initiator's value. | |
718 | If the responder's lifetime length is shorter than the initiator's, | |
719 | the responder uses its own length AND sends a RESPONDER-LIFETIME notify | |
720 | message to an initiator in the case of lifetime (phase 2 only). | |
721 | For PFS, this directive behaves the same as | |
722 | .Ic strict . | |
723 | .It Ic exact | |
724 | If the initiator's lifetime or key length is not equal to the responder's, | |
725 | the responder will reject the proposal. | |
726 | If PFS is required by both sides and the responder's group is not equal to | |
727 | the initiator's, then the responder will reject the proposal. | |
728 | .El | |
729 | .\" | |
730 | .It Ic support_proxy (on | off) ; | |
731 | If this value is set to on, then both values of ID payloads in the | |
732 | phase 2 exchange are always used as the addresses of end-point of | |
733 | IPsec-SAs. | |
734 | The default is off. | |
735 | .\" | |
736 | .It Ic generate_policy (on | off | require | unique) ; | |
737 | This directive is for the responder. | |
738 | Therefore you should set | |
739 | .Ic passive | |
740 | to on in order that | |
741 | .Xr racoon 8 | |
742 | only becomes a responder. | |
743 | If the responder does not have any policy in SPD during phase 2 | |
744 | negotiation, and the directive is set to on, then | |
745 | .Xr racoon 8 | |
746 | will choose the first proposal in the | |
747 | SA payload from the initiator, and generate policy entries from the proposal. | |
748 | It is useful to negotiate with clients whose IP address is allocated | |
749 | dynamically. | |
750 | Note that an inappropriate policy might be installed into the responder's SPD | |
751 | by the initiator, | |
752 | so other communications might fail if such policies are installed | |
753 | due to a policy mismatch between the initiator and the responder. | |
754 | .Ic on | |
755 | and | |
756 | .Ic require | |
757 | values mean the same thing (generate a require policy). | |
758 | .Ic unique | |
759 | tells racoon to set up unique policies, with a monotoning increasing | |
760 | reqid number (between 1 and IPSEC_MANUAL_REQID_MAX). | |
761 | This directive is ignored in the initiator case. | |
762 | The default value is | |
763 | .Ic off . | |
764 | .\" | |
765 | .\" | |
766 | .It Ic nat_traversal (on | off | force) ; | |
767 | This directive enables use of the NAT-Traversal IPsec extension | |
768 | (NAT-T). | |
769 | NAT-T allows one or both peers to reside behind a NAT gateway (i.e., | |
770 | doing address- or port-translation). | |
771 | If a NAT gateway is detected during the phase 1 handshake, racoon will | |
772 | attempt to negotiate the use of NAT-T with the remote peer. | |
773 | If the negotiation succeeds, all ESP and AH packets for the given connection | |
774 | will be encapsulated into UDP datagrams (port 4500, by default). | |
775 | Possible values are: | |
776 | .Bl -tag -width Ds -compact | |
777 | .It Ic on | |
778 | NAT-T is used when a NAT gateway is detected between the peers. | |
779 | .It Ic off | |
780 | NAT-T is not proposed/accepted. | |
781 | This is the default. | |
782 | .It Ic force | |
783 | NAT-T is used regardless of whether a NAT gateway is detected between the | |
784 | peers or not. | |
785 | .El | |
786 | Please note that NAT-T support is a compile-time option. | |
787 | Although it is enabled in the source distribution by default, it | |
788 | may not be available in your particular build. | |
789 | In that case you will get a | |
790 | warning when using any NAT-T related config options. | |
791 | .\" | |
792 | .It Ic dpd_delay Ar delay ; | |
793 | This option activates the DPD and sets the time (in seconds) allowed | |
794 | between 2 proof of liveliness requests. | |
795 | The default value is | |
796 | .Ic 0 , | |
797 | which disables DPD monitoring, but still negotiates DPD support. | |
798 | .\" | |
799 | .It Ic dpd_retry Ar delay ; | |
800 | If | |
801 | .Ic dpd_delay | |
802 | is set, this sets the delay (in seconds) to wait for a proof of | |
803 | liveliness before considering it as failed and send another request. | |
804 | The default value is | |
805 | .Ic 5 . | |
806 | .\" | |
807 | .It Ic dpd_maxfail Ar number ; | |
808 | If | |
809 | .Ic dpd_delay | |
810 | is set, this sets the maximum number of liveliness proofs to request | |
811 | (without reply) before considering the peer is dead. | |
812 | The default value is | |
813 | .Ic 5 . | |
814 | .\" | |
815 | .It Ic nonce_size Ar number ; | |
816 | define the byte size of nonce value. | |
817 | Racoon can send any value although | |
818 | RFC2409 specifies that the value MUST be between 8 and 256 bytes. | |
819 | The default size is 16 bytes. | |
820 | .\" | |
821 | .It Ic ph1id Ar number ; | |
822 | An optionnal number to identify the remote proposal and to link it | |
823 | only with sainfos who have the same number. | |
824 | Defaults to 0. | |
825 | .\" | |
826 | .It Xo | |
827 | .Ic proposal { Ar sub-substatements Ic } | |
828 | .Xc | |
829 | .Bl -tag -width Ds -compact | |
830 | .\" | |
831 | .It Ic encryption_algorithm Ar algorithm ; | |
832 | Specifies the encryption algorithm used for the phase 1 negotiation. | |
833 | This directive must be defined. | |
834 | .Ar algorithm | |
835 | is one of following: | |
836 | .Ic des, 3des, blowfish, cast128, aes, camellia | |
837 | .\".Ic rc5 , idea | |
838 | for Oakley. | |
839 | For other transforms, this statement should not be used. | |
840 | .\" | |
841 | .It Ic hash_algorithm Ar algorithm ; | |
842 | Defines the hash algorithm used for the phase 1 negotiation. | |
843 | This directive must be defined. | |
844 | .Ar algorithm | |
845 | is one of following: | |
846 | .Ic md5, sha1, sha256, sha384, sha512 | |
847 | for Oakley. | |
848 | .\" | |
849 | .It Ic authentication_method Ar type ; | |
850 | Defines the authentication method used for the phase 1 negotiation. | |
851 | This directive must be defined. | |
852 | .Ar type | |
853 | is one of: | |
854 | .Ic pre_shared_key , rsasig | |
855 | (for plain RSA authentication), | |
856 | .Ic gssapi_krb , hybrid_rsa_server , | |
857 | .Ic hybrid_rsa_client , xauth_rsa_server , xauth_rsa_client , xauth_psk_server | |
858 | or | |
859 | .Ic xauth_psk_client . | |
860 | .\" | |
861 | .It Ic dh_group Ar group ; | |
862 | Defines the group used for the Diffie-Hellman exponentiations. | |
863 | This directive must be defined. | |
864 | .Ar group | |
865 | is one of following: | |
866 | .Ic modp768 , modp1024 , modp1536 , | |
867 | .Ic modp2048 , modp3072 , modp4096 , | |
868 | .Ic modp6144 , modp8192 . | |
869 | Or you can define 1, 2, 5, 14, 15, 16, 17, or 18 as the DH group number. | |
870 | When you want to use aggressive mode, | |
871 | you must define the same DH group in each proposal. | |
872 | .It Ic lifetime time Ar number Ar timeunit ; | |
873 | Defines the lifetime of the phase 1 SA proposal. | |
874 | Refer to the description of the | |
875 | .Ic lifetime | |
876 | directive defined in the | |
877 | .Ic remote | |
878 | directive. | |
879 | .It Ic gss_id Ar string ; | |
880 | Defines the GSS-API endpoint name, to be included as an attribute in the SA, | |
881 | if the | |
882 | .Ic gssapi_krb | |
883 | authentication method is used. | |
884 | If this is not defined, the default value of | |
885 | .Ql host/hostname | |
886 | is used, where hostname is the value returned by the | |
887 | .Xr hostname 1 | |
888 | command. | |
889 | .El | |
890 | .El | |
891 | .El | |
892 | .\" | |
893 | .Ss Policy Specifications | |
894 | The policy directive is obsolete, policies are now in the SPD. | |
895 | .Xr racoon 8 | |
896 | will obey the policy configured into the kernel by | |
897 | .Xr setkey 8 , | |
898 | and will construct phase 2 proposals by combining | |
899 | .Ic sainfo | |
900 | specifications in | |
901 | .Nm , | |
902 | and policies in the kernel. | |
903 | .\" | |
904 | .Ss Sainfo Specifications | |
905 | .Bl -tag -width Ds -compact | |
906 | .It Xo | |
907 | .Ic sainfo ( Ar source_id destination_id | Ar source_id Ic anonymous | Ic anonymous Ar destination_id | Ic anonymous ) [ from Ar idtype [ Ar string ] ] [ Ic group Ar string ] | |
908 | .Ic { Ar statements Ic } | |
909 | .Xc | |
910 | defines the parameters of the IKE phase 2 (IPsec-SA establishment). | |
911 | .Ar source_id | |
912 | and | |
913 | .Ar destination_id | |
914 | are constructed like: | |
915 | .Pp | |
916 | .Ic address Ar address | |
917 | .Bq Ic / Ar prefix | |
918 | .Bq Ic [ Ar port ] | |
919 | .Ar ul_proto | |
920 | .Pp | |
921 | or | |
922 | .Pp | |
923 | .Ic subnet Ar address | |
924 | .Bq Ic / Ar prefix | |
925 | .Bq Ic [ Ar port ] | |
926 | .Ar ul_proto | |
927 | .Pp | |
928 | or | |
929 | .Pp | |
930 | .Ar idtype Ar string | |
931 | .Pp | |
932 | An id string should be expressed to match the exact value of an ID payload | |
933 | (source is the local end, destination is the remote end). | |
934 | This is not like a filter rule. | |
935 | For example, if you define 3ffe:501:4819::/48 as | |
936 | .Ar source_id . | |
937 | 3ffe:501:4819:1000:/64 will not match. | |
938 | .Pp | |
939 | In the case of a longest prefix (selecting a single host), | |
940 | .Ar address | |
941 | instructs to send ID type of ADDRESS while | |
942 | .Ar subnet | |
943 | instructs to send ID type of SUBNET. | |
944 | Otherwise, these instructions are identical. | |
945 | .Pp | |
946 | The group keyword allows an XAuth group membership check to be performed | |
947 | for this sainfo section. | |
948 | When the mode_cfg auth source is set to | |
949 | .Ic system | |
950 | or | |
951 | .Ic ldap , | |
952 | the XAuth user is verified to be a member of the specified group | |
953 | before allowing a matching SA to be negotiated. | |
954 | .Pp | |
955 | .Bl -tag -width Ds -compact | |
956 | .\" | |
957 | .It Ic pfs_group Ar group ; | |
958 | define the group of Diffie-Hellman exponentiations. | |
959 | If you do not require PFS then you can omit this directive. | |
960 | Any proposal will be accepted if you do not specify one. | |
961 | .Ar group | |
962 | is one of following: | |
963 | .Ic modp768 , modp1024 , modp1536 , | |
964 | .Ic modp2048 , modp3072 , modp4096 , | |
965 | .Ic modp6144 , modp8192 . | |
966 | Or you can define 1, 2, 5, 14, 15, 16, 17, or 18 as the DH group number. | |
967 | .\" | |
968 | .It Ic lifetime time Ar number Ar timeunit ; | |
969 | define how long an IPsec-SA will be used, in timeunits. | |
970 | Any proposal will be accepted, and no attribute(s) will be proposed to | |
971 | the peer if you do not specify it(them). | |
972 | See the | |
973 | .Ic proposal_check | |
974 | directive. | |
975 | .\" | |
976 | .It Ic remoteid Ar number ; | |
977 | Sainfos will only be used if their remoteid matches the ph1id of the | |
978 | remote section used for phase 1. | |
979 | Defaults to 0, which is also the default for ph1id. | |
980 | .\" | |
981 | .It Ic my_identifier Ar idtype ... ; | |
982 | is obsolete. | |
983 | It does not make sense to specify an identifier in the phase 2. | |
984 | .El | |
985 | .\" | |
986 | .Pp | |
987 | .Xr racoon 8 | |
988 | does not have a list of security protocols to be negotiated. | |
989 | The list of security protocols are passed by SPD in the kernel. | |
990 | Therefore you have to define all of the potential algorithms | |
991 | in the phase 2 proposals even if there are algorithms which will not be used. | |
992 | These algorithms are define by using the following three directives, | |
993 | with a single comma as the separator. | |
994 | For algorithms that can take variable-length keys, algorithm names | |
995 | can be followed by a key length, like | |
996 | .Dq Li blowfish 448 . | |
997 | .Xr racoon 8 | |
998 | will compute the actual phase 2 proposals by computing | |
999 | the permutation of the specified algorithms, | |
1000 | and then combining them with the security protocol specified by the SPD. | |
1001 | For example, if | |
1002 | .Ic des , 3des , hmac_md5 , | |
1003 | and | |
1004 | .Ic hmac_sha1 | |
1005 | are specified as algorithms, we have four combinations for use with ESP, | |
1006 | and two for AH. | |
1007 | Then, based on the SPD settings, | |
1008 | .Xr racoon 8 | |
1009 | will construct the actual proposals. | |
1010 | If the SPD entry asks for ESP only, there will be 4 proposals. | |
1011 | If it asks for both AH and ESP, there will be 8 proposals. | |
1012 | Note that the kernel may not support the algorithm you have specified. | |
1013 | .\" | |
1014 | .Bl -tag -width Ds -compact | |
1015 | .It Ic encryption_algorithm Ar algorithms ; | |
1016 | .Ic des , 3des , des_iv64 , des_iv32 , | |
1017 | .Ic rc5 , rc4 , idea , 3idea , | |
1018 | .Ic cast128 , blowfish , null_enc , | |
1019 | .Ic twofish , rijndael , aes , camellia | |
1020 | .Pq used with ESP | |
1021 | .\" | |
1022 | .It Ic authentication_algorithm Ar algorithms ; | |
1023 | .Ic des , 3des , des_iv64 , des_iv32 , | |
1024 | .Ic hmac_md5 , hmac_sha1 , hmac_sha256, hmac_sha384, hmac_sha512, non_auth | |
1025 | .Pq used with ESP authentication and AH | |
1026 | .\" | |
1027 | .It Ic compression_algorithm Ar algorithms ; | |
1028 | .Ic deflate | |
1029 | .Pq used with IPComp | |
1030 | .El | |
1031 | .El | |
1032 | .\" | |
1033 | .Ss Logging level | |
1034 | .Bl -tag -width Ds -compact | |
1035 | .It Ic log Ar level ; | |
1036 | Defines the logging level. | |
1037 | .Ar level | |
1038 | is one of following: | |
1039 | .Ic error , warning , notify , info , debug | |
1040 | and | |
1041 | .Ic debug2 . | |
1042 | The default is | |
1043 | .Ic info . | |
1044 | If you set the logging level too high on slower machines, | |
1045 | IKE negotiation can fail due to timing constraint changes. | |
1046 | .El | |
1047 | .\" | |
1048 | .Ss Specifies the way to pad | |
1049 | .Bl -tag -width Ds -compact | |
1050 | .It Ic padding { Ar statements Ic } | |
1051 | specifies the padding format. | |
1052 | The following are valid statements: | |
1053 | .Bl -tag -width Ds -compact | |
1054 | .It Ic randomize (on | off) ; | |
1055 | Enables the use of a randomized value for padding. | |
1056 | The default is on. | |
1057 | .It Ic randomize_length (on | off) ; | |
1058 | The pad length will be random. | |
1059 | The default is off. | |
1060 | .It Ic maximum_length Ar number ; | |
1061 | Defines a maximum padding length. | |
1062 | If | |
1063 | .Ic randomize_length | |
1064 | is off, this is ignored. | |
1065 | The default is 20 bytes. | |
1066 | .It Ic exclusive_tail (on | off) ; | |
1067 | Means to put the number of pad bytes minus one into the last part | |
1068 | of the padding. | |
1069 | The default is on. | |
1070 | .It Ic strict_check (on | off) ; | |
1071 | Means to constrain the peer to set the number of pad bytes. | |
1072 | The default is off. | |
1073 | .El | |
1074 | .El | |
1075 | .Ss ISAKMP mode configuration settings | |
1076 | .Bl -tag -width Ds -compact | |
1077 | .It Ic mode_cfg { Ar statements Ic } | |
1078 | Defines the information to return for remote hosts' ISAKMP mode config | |
1079 | requests. | |
1080 | Also defines the authentication source for remote peers | |
1081 | authenticating through Xauth. | |
1082 | .Pp | |
1083 | The following are valid statements: | |
1084 | .Bl -tag -width Ds -compact | |
1085 | .It Ic auth_source (system | radius | pam | ldap) ; | |
1086 | Specifies the source for authentication of users through Xauth. | |
1087 | .Ar system | |
1088 | means to use the Unix user database. | |
1089 | This is the default. | |
1090 | .Ar radius | |
1091 | means to use a RADIUS server. | |
1092 | It works only if | |
1093 | .Xr racoon 8 | |
1094 | was built with libradius support. Radius configuration is hanlded by | |
1095 | .Xr radius.conf 5 . | |
1096 | .Ar pam | |
1097 | means to use PAM. | |
1098 | It works only if | |
1099 | .Xr racoon 8 | |
1100 | was built with libpam support. | |
1101 | .Ar ldap | |
1102 | means to use LDAP. | |
1103 | It works only if | |
1104 | .Xr racoon 8 | |
1105 | was built with libldap support. LDAP configuration is handled by | |
1106 | statements in the | |
1107 | .Ic ldapcfg | |
1108 | section. | |
1109 | .It Ic auth_groups Ar "group1", ... ; | |
1110 | Specifies the group memberships for Xauth in quoted group name strings. | |
1111 | When defined, the authenticating user must be a member of at least one | |
1112 | group for Xauth to succeed. | |
1113 | .It Ic group_source (system | ldap) ; | |
1114 | Specifies the source for group validataion of users through Xauth. | |
1115 | .Ar system | |
1116 | means to use the Unix user database. | |
1117 | This is the default. | |
1118 | .Ar ldap | |
1119 | means to use LDAP. | |
1120 | It works only if | |
1121 | .Xr racoon 8 | |
1122 | was built with libldap support and requires LDAP authentication. | |
1123 | LDAP configuration is handled by statements in the | |
1124 | .Ic ldapcfg | |
1125 | section. | |
1126 | .It Ic conf_source (local | radius | ldap) ; | |
1127 | Specifies the source for IP addresses and netmask allocated through ISAKMP | |
1128 | mode config. | |
1129 | .Ar local | |
1130 | means to use the local IP pool defined by the | |
1131 | .Ic network4 | |
1132 | and | |
1133 | .Ic pool_size | |
1134 | statements. | |
1135 | This is the default. | |
1136 | .Ar radius | |
1137 | means to use a RADIUS server. | |
1138 | It works only if | |
1139 | .Xr racoon 8 | |
1140 | was built with libradius support and requires RADIUS authentiation. | |
1141 | RADIUS configuration is handled by | |
1142 | .Xr radius.conf 5 . | |
1143 | .Ar ldap | |
1144 | means to use an LDAP server. | |
1145 | It works only if | |
1146 | .Xr racoon 8 | |
1147 | was built with libldap support and requires LDAP authentication. | |
1148 | LDAP configuration is handled by | |
1149 | statements in the | |
1150 | .Ic ldapcfg | |
1151 | section. | |
1152 | .It Ic accounting (none | system | radius | pam) ; | |
1153 | Enables or disables accounting for Xauth logins and logouts. | |
1154 | The default is | |
1155 | .Ar none | |
1156 | which disable accounting. | |
1157 | Specifying | |
1158 | .Ar system | |
1159 | enables system accounting through | |
1160 | .Xr utmp 5 . | |
1161 | Specifying | |
1162 | .Ar radius | |
1163 | enables RADIUS accounting. | |
1164 | It works only if | |
1165 | .Xr racoon 8 | |
1166 | was built with libradius support and requires RADIUS authentication. | |
1167 | RADIUS configuration is handled by | |
1168 | .Xr radius.conf 5 . | |
1169 | Specifying | |
1170 | .Ar pam | |
1171 | enables PAM accounting. | |
1172 | It works only if | |
1173 | .Xr racoon 8 | |
1174 | was build with libpam support and requires PAM authentication. | |
1175 | .It Ic pool_size Ar size | |
1176 | Specify the size of the IP address pool, either local or allocated | |
1177 | through RADIUS. | |
1178 | .Ic conf_source | |
1179 | selects the local pool or the RADIUS configuration, but in both | |
1180 | configurations, you cannot have more than | |
1181 | .Ar size | |
1182 | users connected at the same time. | |
1183 | The default is 255. | |
1184 | .It Ic network4 Ar address ; | |
1185 | .It Ic netmask4 Ar address ; | |
1186 | The local IP pool base address and network mask from which dynamically | |
1187 | allocated IPv4 addresses should be taken. | |
1188 | This is used if | |
1189 | .Ic conf_source | |
1190 | is set to | |
1191 | .Ar local | |
1192 | or if the RADIUS server returned | |
1193 | .Ar 255.255.255.254 . | |
1194 | Default is | |
1195 | .Ar 0.0.0.0/0.0.0.0 . | |
1196 | .It Ic dns4 Ar addresses ; | |
1197 | A list of IPv4 addresses for DNS servers, separated by commas, or on multiple | |
1198 | .Ic dns4 | |
1199 | lines. | |
1200 | .It Ic nbns4 Ar addresses ; | |
1201 | A list of IPv4 address for WINS servers. | |
1202 | .It Ic split_network (include | local_lan) Ar network/mask, ... | |
1203 | The network configuration to send, in cidr notation (e.g. 192.168.1.0/24). | |
1204 | If | |
1205 | .Ic include | |
1206 | is specified, the tunnel should be only used to encrypt the indicated | |
1207 | destinations ; otherwise, if | |
1208 | .Ic local_lan | |
1209 | is used, everything will pass through the tunnel but those destinations. | |
1210 | .It Ic default_domain Ar domain ; | |
1211 | The default DNS domain to send. | |
1212 | .It Ic split_dns Ar "domain", ... | |
1213 | The split dns configuration to send, in quoted domain name strings. | |
1214 | This list can be used to describe a list of domain names for which | |
1215 | a peer should query a modecfg assigned dns server. | |
1216 | DNS queries for all other domains would be handled locally. | |
1217 | (Cisco VPN client only). | |
1218 | .It Ic banner Ar path ; | |
1219 | The path of a file displayed on the client at connection time. | |
1220 | Default is | |
1221 | .Ar /etc/motd . | |
1222 | .It Ic auth_throttle Ar delay ; | |
1223 | On each failed Xauth authentication attempt, refuse new attempts for a set | |
1224 | .Ar delay | |
1225 | of seconds. | |
1226 | This is to avoid dictionary attacks on Xauth passwords. | |
1227 | Default is one second. | |
1228 | Set to zero to disable authentication delay. | |
1229 | .It Ic pfs_group Ar group ; | |
1230 | Sets the PFS group used in the client proposal (Cisco VPN client only). | |
1231 | Default is 0. | |
1232 | .It Ic save_passwd (on | off) ; | |
1233 | Allow the client to save the Xauth password (Cisco VPN client only). | |
1234 | Default is off. | |
1235 | .El | |
1236 | .El | |
1237 | .Ss Ldap configuration settings | |
1238 | .Bl -tag -width Ds -compact | |
1239 | .It Ic ldapcfg { Ar statements Ic } | |
1240 | Defines the parameters that will be used to communicate with an ldap | |
1241 | server for | |
1242 | .Ic xauth | |
1243 | authentication. | |
1244 | .Pp | |
1245 | The following are valid statements: | |
1246 | .Bl -tag -width Ds -compact | |
1247 | .It Ic version (2 | 3) ; | |
1248 | The ldap protocol version used to communicate with the server. | |
1249 | The default is | |
1250 | .Ic 3 . | |
1251 | .It Ic host Ar (hostname | address) ; | |
1252 | The host name or ip address of the ldap server. | |
1253 | The default is | |
1254 | .Ic localhost . | |
1255 | .It Ic port Ar number; | |
1256 | The port that the ldap server is configured to listen on. | |
1257 | The default is | |
1258 | .Ic 389 . | |
1259 | .It Ic base Ar distinguished name; | |
1260 | The ldap search base. | |
1261 | This option has no default value. | |
1262 | .It Ic subtree (on | off) ; | |
1263 | Use the subtree ldap search scope. | |
1264 | Otherwise, use the one level search scope. | |
1265 | The default is | |
1266 | .Ic off . | |
1267 | .It Ic bind_dn Ar distinguised name; | |
1268 | The user dn used to optionaly bind as before performing ldap search operations. | |
1269 | If this option is not specified, anonymous binds are used. | |
1270 | .It Ic bind_pw Ar string; | |
1271 | The password used when binding as | |
1272 | .Ic bind_dn . | |
1273 | .It Ic attr_user Ar attribute name; | |
1274 | The attribute used to specify a users name in an ldap directory. | |
1275 | For example, | |
1276 | if a user dn is "cn=jdoe,dc=my,dc=net" then the attribute would be "cn". | |
1277 | The default value is | |
1278 | .Ic cn . | |
1279 | .It Ic attr_addr Ar attribute name; | |
1280 | .It Ic attr_mask Ar attribute name; | |
1281 | The attributes used to specify a users network address and subnet mask in an | |
1282 | ldap directory. | |
1283 | These values are forwarded during mode_cfg negotiation when | |
1284 | the conf_source is set to ldap. | |
1285 | The default values are | |
1286 | .Ic racoon-address | |
1287 | and | |
1288 | .Ic racoon-netmask . | |
1289 | .It Ic attr_group Ar attribute name; | |
1290 | The attribute used to specify a group name in an ldap directory. | |
1291 | For example, | |
1292 | if a group dn is "cn=users,dc=my,dc=net" then the attribute would be "cn". | |
1293 | The default value is | |
1294 | .Ic cn . | |
1295 | .It Ic attr_member Ar attribute name; | |
1296 | The attribute used to specify group membership in an ldap directory. | |
1297 | The default value is | |
1298 | .Ic member . | |
1299 | .El | |
1300 | .El | |
1301 | .Ss Special directives | |
1302 | .Bl -tag -width Ds -compact | |
1303 | .It Ic complex_bundle (on | off) ; | |
1304 | defines the interpretation of proposal in the case of SA bundle. | |
1305 | Normally | |
1306 | .Dq IP AH ESP IP payload | |
1307 | is proposed as | |
1308 | .Dq AH tunnel and ESP tunnel . | |
1309 | The interpretation is more common to other IKE implementations, however, | |
1310 | it allows very limited set of combinations for proposals. | |
1311 | With the option enabled, it will be proposed as | |
1312 | .Dq AH transport and ESP tunnel . | |
1313 | The default value is | |
1314 | .Ic off . | |
1315 | .El | |
1316 | .\" | |
1317 | .Ss Pre-shared key File | |
1318 | The pre-shared key file defines pairs of identifiers and corresponding | |
1319 | shared secret keys which are used in the pre-shared key authentication | |
1320 | method in phase 1. | |
1321 | The pair in each line is separated by some number of blanks and/or tab | |
1322 | characters like in the | |
1323 | .Xr hosts 5 | |
1324 | file. | |
1325 | Key can include blanks because everything after the first blanks | |
1326 | is interpreted as the secret key. | |
1327 | Lines starting with | |
1328 | .Ql # | |
1329 | are ignored. | |
1330 | Keys which start with | |
1331 | .Ql 0x | |
1332 | are interpreted as hexadecimal strings. | |
1333 | Note that the file must be owned by the user ID running | |
1334 | .Xr racoon 8 | |
1335 | .Pq usually the privileged user , | |
1336 | and must not be accessible by others. | |
1337 | .\" | |
1338 | .Sh EXAMPLES | |
1339 | The following shows how the remote directive should be configured. | |
1340 | .Bd -literal -offset | |
1341 | path pre_shared_key "/usr/local/v6/etc/psk.txt" ; | |
1342 | remote anonymous | |
1343 | { | |
1344 | exchange_mode aggressive,main,base; | |
1345 | lifetime time 24 hour; | |
1346 | proposal { | |
1347 | encryption_algorithm 3des; | |
1348 | hash_algorithm sha1; | |
1349 | authentication_method pre_shared_key; | |
1350 | dh_group 2; | |
1351 | } | |
1352 | } | |
1353 | ||
1354 | sainfo anonymous | |
1355 | { | |
1356 | pfs_group 2; | |
1357 | lifetime time 12 hour ; | |
1358 | encryption_algorithm 3des, blowfish 448, twofish, rijndael ; | |
1359 | authentication_algorithm hmac_sha1, hmac_md5 ; | |
1360 | compression_algorithm deflate ; | |
1361 | } | |
1362 | .Ed | |
1363 | .Pp | |
1364 | If you are configuring plain RSA authentication, the remote directive | |
1365 | should look like the following: | |
1366 | .Bd -literal -offset | |
1367 | path certificate "/usr/local/v6/etc" ; | |
1368 | remote anonymous | |
1369 | { | |
1370 | exchange_mode main,base ; | |
1371 | lifetime time 12 hour ; | |
1372 | certificate_type plain_rsa "/usr/local/v6/etc/myrsakey.priv"; | |
1373 | peers_certfile plain_rsa "/usr/local/v6/etc/yourrsakey.pub"; | |
1374 | proposal { | |
1375 | encryption_algorithm aes ; | |
1376 | hash_algorithm sha1 ; | |
1377 | authentication_method rsasig ; | |
1378 | dh_group 2 ; | |
1379 | } | |
1380 | } | |
1381 | .Ed | |
1382 | .Pp | |
1383 | The following is a sample for the pre-shared key file. | |
1384 | .Bd -literal -offset | |
1385 | 10.160.94.3 mekmitasdigoat | |
1386 | 172.16.1.133 0x12345678 | |
1387 | 194.100.55.1 whatcertificatereally | |
1388 | 3ffe:501:410:ffff:200:86ff:fe05:80fa mekmitasdigoat | |
1389 | 3ffe:501:410:ffff:210:4bff:fea2:8baa mekmitasdigoat | |
1390 | foo@kame.net mekmitasdigoat | |
1391 | foo.kame.net hoge | |
1392 | .Ed | |
1393 | .\" | |
1394 | .Sh SEE ALSO | |
1395 | .Xr racoon 8 , | |
1396 | .Xr racoonctl 8 , | |
1397 | .Xr setkey 8 | |
1398 | .\" | |
1399 | .Sh HISTORY | |
1400 | The | |
1401 | .Nm | |
1402 | configuration file first appeared in the | |
1403 | .Dq YIPS | |
1404 | Yokogawa IPsec implementation. | |
1405 | .\" | |
1406 | .Sh BUGS | |
1407 | Some statements may not be handled by | |
1408 | .Xr racoon 8 | |
1409 | yet. | |
1410 | .Pp | |
1411 | Diffie-Hellman computation can take a very long time, and may cause | |
1412 | unwanted timeouts, specifically when a large D-H group is used. | |
1413 | .\" | |
1414 | .Sh SECURITY CONSIDERATIONS | |
1415 | The use of IKE phase 1 aggressive mode is not recommended, | |
1416 | as described in | |
1417 | .Li http://www.kb.cert.org/vuls/id/886601 . |