User manual
19: Configuring IPSec
_______________________________________________________________________________________________________
Name Type
Required
Default
Description
enabled string
Yes
No
Defines whether this set of
credentials is to be used or
not.
Idtype String
No
ipaddress
Defines whether IP address
or userfqdn is used.
Userfqdn String
No
None
FQDN or Xauth name. This
must match xauth_identity
from the config ‘connection’
section.
localaddress
string
Yes
None
Sets the local ID address.
remoteaddress string
Yes
None
Sets the remote ID address.
secrettype string
Yes
psk
Specifies different
mechanisms to allow the two
peers to authenticate one
another.
psk: pre-shared secret
pubkey: public key
signatures
rsasig: RSA digital
signatures
ecdsasig: Elliptic Curve DSA
signatures
xauth: extended
authentication
secret string
Sets preshared key.
A sample secret section which could be used with the connection section in
‘Connection Settings’, is shown below:
Strongswan.@secret[0]=secret
Strongswan.@secret[0].enabled=yes
Strongswan.@secret[0].localaddress=10.1.1.1
Strongswan.@secret[0].remoteaddress=10.2.2.2
Strongswan.@secret[0].secrettype=psk
Strongswan.@secret[0].secret=secret
config 'secret'
option 'enabled' "yes"
option 'localaddress' "10.1.1.1"
option 'remoteaddress' "10.2.2.2"
option 'secrettype' 'psk'
option 'secret' "secret"
_______________________________________________________________________________________________________
© Virtual Access 2015
GW1000 Series User Manual
Issue: 2.4 Page 127 of 255