1 '\" te
   2 .\" Copyright (c) 2009, Sun Microsystems, Inc. All Rights Reserved.
   3 .\" Copyright (c) 2015, Circonus, Inc. All Rights Reserved.
   4 .\" The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License. You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing.
   5 .\"  See the License for the specific language governing permissions and limitations under the License. When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the
   6 .\" fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
   7 .TH IKE.CONFIG 4 "Apr 27, 2009"
   8 .SH NAME
   9 ike.config \- configuration file for IKE policy
  10 .SH SYNOPSIS
  11 .LP
  12 .nf
  13 \fB/etc/inet/ike/config\fR
  14 .fi
  15 
  16 .SH DESCRIPTION
  17 .LP
  18 The \fB/etc/inet/ike/config\fR file contains rules for matching inbound IKE
  19 requests. It also contains rules for preparing outbound \fBIKE\fR requests.
  20 .sp
  21 .LP
  22 You can test the syntactic correctness of an \fB/etc/inet/ike/config\fR file by
  23 using the \fB-c\fR or \fB-f\fR options of \fBin.iked\fR(1M). You must use the
  24 \fB-c\fR option to test a \fBconfig\fR file. You might need to use the \fB-f\fR
  25 option if it is not in \fB/etc/inet/ike/config\fR.
  26 .SS "Lexical Components"
  27 .LP
  28 On any line, an unquoted \fB#\fR character introduces a comment. The remainder
  29 of that line is ignored. Additionally, on any line, an unquoted \fB//\fR
  30 sequence introduces a comment. The remainder of that line is ignored.
  31 .sp
  32 .LP
  33 There are several types of lexical tokens in the \fBike.config\fR file:
  34 .sp
  35 .ne 2
  36 .na
  37 \fB\fInum\fR\fR
  38 .ad
  39 .sp .6
  40 .RS 4n
  41 A decimal, hex, or octal number representation is as in 'C'.
  42 .RE
  43 
  44 .sp
  45 .ne 2
  46 .na
  47 \fB\fIIPaddr\fR/\fIprefix\fR/\fIrange\fR\fR
  48 .ad
  49 .sp .6
  50 .RS 4n
  51 An IPv4 or IPv6 address with an optional /\fINNN\fR suffix, (where \fINNN\fR is
  52 a \fInum\fR) that indicates an address (\fBCIDR\fR) prefix (for example,
  53 \fB10.1.2.0/24\fR). An optional /\fIADDR\fR suffix (where \fIADDR\fR is a
  54 second IP address) indicates an address/mask pair (for example,
  55 \fB10.1.2.0/255.255.255.0\fR). An optional -\fIADDR\fR suffix (where \fIADDR\fR
  56 is a second IPv4 address) indicates an inclusive range of addresses (for
  57 example, \fB10.1.2.0-10.1.2.255\fR). The \fB/\fR or \fB-\fR can be surrounded
  58 by an arbitrary amount of white space.
  59 .RE
  60 
  61 .sp
  62 .ne 2
  63 .na
  64 \fB\fBXXX\fR | \fBYYY\fR | \fBZZZ\fR\fR
  65 .ad
  66 .sp .6
  67 .RS 4n
  68 Either the words \fBXX\fRX, \fBYYY\fR, or \fBZZZ\fR, for example, {yes,no}.
  69 .RE
  70 
  71 .sp
  72 .ne 2
  73 .na
  74 \fBp1-id-type\fR
  75 .ad
  76 .sp .6
  77 .RS 4n
  78 An IKE phase 1 identity type. IKE phase 1 identity types include:
  79 .br
  80 .in +2
  81 \fBdn, DN\fR
  82 .in -2
  83 .br
  84 .in +2
  85 \fBdns, DNS\fR
  86 .in -2
  87 .br
  88 .in +2
  89 \fBfqdn, FQDN\fR
  90 .in -2
  91 .br
  92 .in +2
  93 \fBgn, GN\fR
  94 .in -2
  95 .br
  96 .in +2
  97 \fBip, IP\fR
  98 .in -2
  99 .br
 100 .in +2
 101 \fBipv4\fR
 102 .in -2
 103 .br
 104 .in +2
 105 \fBipv4_prefix\fR
 106 .in -2
 107 .br
 108 .in +2
 109 \fBipv4_range\fR
 110 .in -2
 111 .br
 112 .in +2
 113 \fBipv6\fR
 114 .in -2
 115 .br
 116 .in +2
 117 \fBipv6_prefix\fR
 118 .in -2
 119 .br
 120 .in +2
 121 \fBipv6_range\fR
 122 .in -2
 123 .br
 124 .in +2
 125 \fBmbox, MBOX\fR
 126 .in -2
 127 .br
 128 .in +2
 129 \fBuser_fqdn\fR
 130 .in -2
 131 .RE
 132 
 133 .sp
 134 .ne 2
 135 .na
 136 \fB\fB"\fR\fIstring\fR\fB"\fR\fR
 137 .ad
 138 .sp .6
 139 .RS 4n
 140 A quoted string.
 141 .sp
 142 Examples include:\fB"Label foo"\fR, or \fB"C=US, OU=Sun Microsystems\e, Inc.,
 143 N=olemcd@eng.example.com"\fR
 144 .sp
 145 A backslash (\fB\e\fR) is an escape character. If the string needs an actual
 146 backslash, two must be specified.
 147 .RE
 148 
 149 .sp
 150 .ne 2
 151 .na
 152 \fB\fIcert-sel\fR\fR
 153 .ad
 154 .sp .6
 155 .RS 4n
 156 A certificate selector, a \fIstring\fR which specifies the identities of zero
 157 or more certificates. The specifiers can conform to \fBX.509\fR naming
 158 conventions.
 159 .sp
 160 A \fIcert-sel\fR can also use various shortcuts to match either subject
 161 alternative names, the filename or \fBslot\fR of a certificate in
 162 \fB/etc/inet/ike/publickeys\fR, or even the \fBISSUER\fR. For example:
 163 .sp
 164 .in +2
 165 .nf
 166 "SLOT=0"
 167 "EMAIL=postmaster@domain.org"
 168 "webmaster@domain.org" # Some just work w/o TYPE=
 169 "IP=10.0.0.1"
 170 "10.21.11.11"          # Some just work w/o TYPE=
 171 "DNS=www.domain.org"
 172 "mailhost.domain.org"  # Some just work w/o TYPE=
 173 "ISSUER=C=US, O=Sun Microsystems\\, Inc., CN=Sun CA"
 174 .fi
 175 .in -2
 176 .sp
 177 
 178 Any \fIcert-sel\fR preceded by the character \fB!\fR indicates a negative
 179 match, that is, not matching this specifier. These are the same kind of strings
 180 used in \fBikecert\fR(1M).
 181 .RE
 182 
 183 .sp
 184 .ne 2
 185 .na
 186 \fB\fIldap-list\fR\fR
 187 .ad
 188 .sp .6
 189 .RS 4n
 190 A quoted, comma-separated list of LDAP servers and ports.
 191 .sp
 192 For example, \fB"ldap1.example.com"\fR, \fB"ldap1.example.com:389"\fR,
 193 \fB"ldap1.example.com:389,ldap2.example.com"\fR.
 194 .sp
 195 The default port for LDAP is \fB389\fR.
 196 .RE
 197 
 198 .sp
 199 .ne 2
 200 .na
 201 \fB\fIparameter-list\fR\fR
 202 .ad
 203 .sp .6
 204 .RS 4n
 205 A list of parameters.
 206 .RE
 207 
 208 .SS "File Body Entries"
 209 .LP
 210 There are four main types of entries:
 211 .RS +4
 212 .TP
 213 .ie t \(bu
 214 .el o
 215 global parameters
 216 .RE
 217 .RS +4
 218 .TP
 219 .ie t \(bu
 220 .el o
 221 IKE phase 1 transform defaults
 222 .RE
 223 .RS +4
 224 .TP
 225 .ie t \(bu
 226 .el o
 227 IKE rule defaults
 228 .RE
 229 .RS +4
 230 .TP
 231 .ie t \(bu
 232 .el o
 233 IKE rules
 234 .RE
 235 .sp
 236 .LP
 237 The global parameter entries are as follows:
 238 .sp
 239 .ne 2
 240 .na
 241 \fBcert_root \fIcert-sel\fR\fR
 242 .ad
 243 .sp .6
 244 .RS 4n
 245 The X.509 distinguished name of a certificate that is a trusted root CA
 246 certificate.It must be encoded in a file in the \fB/etc/inet/ike/publickeys\fR
 247 directory. It must have a CRL in \fB/etc/inet/ike/crl\fRs. Multiple
 248 \fBcert_root\fR parameters aggregate.
 249 .RE
 250 
 251 .sp
 252 .ne 2
 253 .na
 254 \fBcert_trust \fIcert-sel\fR\fR
 255 .ad
 256 .sp .6
 257 .RS 4n
 258 Specifies an X.509 distinguished name of a certificate that is self-signed, or
 259 has otherwise been verified as trustworthy for signing IKE exchanges. It must
 260 be encoded in a file in \fB/etc/inet/ike/publickeys\fR. Multiple
 261 \fBcert_trust\fR parameters aggregate.
 262 .RE
 263 
 264 .sp
 265 .ne 2
 266 .na
 267 \fBexpire_timer \fIinteger\fR\fR
 268 .ad
 269 .sp .6
 270 .RS 4n
 271 The number of seconds to let a not-yet-complete IKE Phase I (Main Mode)
 272 negotiation linger before deleting it. Default value: 300 seconds.
 273 .RE
 274 
 275 .sp
 276 .ne 2
 277 .na
 278 \fBignore_crls\fR
 279 .ad
 280 .sp .6
 281 .RS 4n
 282 If this keyword is present in the file, \fBin.iked\fR(1M) ignores Certificate
 283 Revocation Lists (\fBCRL\fRs) for root \fBCA\fRs (as given in \fBcert_root\fR)
 284 .RE
 285 
 286 .sp
 287 .ne 2
 288 .na
 289 \fBldap_server \fIldap-list\fR\fR
 290 .ad
 291 .sp .6
 292 .RS 4n
 293 A list of LDAP servers to query for certificates. The list can be additive.
 294 .RE
 295 
 296 .sp
 297 .ne 2
 298 .na
 299 \fBpkcs11_path \fIstring\fR\fR
 300 .ad
 301 .sp .6
 302 .RS 4n
 303 The string that follows is a name of a shared object (\fB\&.so\fR) that
 304 implements the PKCS#11 standard. The name is passed directly into
 305 \fBdlopen\fR(3C) for linking, with all of the semantics of that library call.
 306 By default, \fBin.iked\fR(1M) runs the same ISA as the running kernel, so a
 307 library specified using \fBpkcs11_path\fR and an absolute pathname \fBmust\fR
 308 match the same ISA as the kernel. One can use the start/exec SMF property (see
 309 \fBsvccfg\fR(1M)) to change \fBin.iked\fR's ISA, but it is not recommended.
 310 .sp
 311 If this setting is not present, the default value is set to \fBlibpkcs11.so\fR.
 312 Most cryptographic providers go through the default library, and this parameter
 313 should only be used if a specialized provider of IKE-useful cryptographic
 314 services cannot interface with the Solaris Cryptographic Framework. See
 315 \fBcryptoadm\fR(1M).
 316 .sp
 317 This option is now deprecated, and may be removed in a future release.
 318 .RE
 319 
 320 .sp
 321 .ne 2
 322 .na
 323 \fBretry_limit \fIinteger\fR\fR
 324 .ad
 325 .sp .6
 326 .RS 4n
 327 The number of retransmits before any IKE negotiation is aborted. Default value:
 328 5 times.
 329 .RE
 330 
 331 .sp
 332 .ne 2
 333 .na
 334 \fBretry_timer_init \fIinteger\fR or \fIfloat\fR\fR
 335 .ad
 336 .sp .6
 337 .RS 4n
 338 The initial interval (in seconds) between retransmits. This interval is doubled
 339 until the \fBretry_timer_max\fR value (see below) is reached. Default value:
 340 0.5 seconds.
 341 .RE
 342 
 343 .sp
 344 .ne 2
 345 .na
 346 \fBretry_timer_max \fIinteger\fR or \fIfloat\fR\fR
 347 .ad
 348 .sp .6
 349 .RS 4n
 350 The maximum interval (in seconds) between retransmits. The doubling retransmit
 351 interval stops growing at this limit. Default value: 30 seconds.
 352 .LP
 353 Note -
 354 .sp
 355 .RS 2
 356 This value is never reached with the default configuration. The longest
 357 interval is 8 (0.5 * 2 ^ (5 - 1)) seconds.
 358 .RE
 359 .RE
 360 
 361 .sp
 362 .ne 2
 363 .na
 364 \fBproxy \fIstring\fR\fR
 365 .ad
 366 .sp .6
 367 .RS 4n
 368 The string following this keyword must be a URL for an HTTP proxy, for example,
 369 \fBhttp://proxy:8080\fR.
 370 .RE
 371 
 372 .sp
 373 .ne 2
 374 .na
 375 \fBsocks \fIstring\fR\fR
 376 .ad
 377 .sp .6
 378 .RS 4n
 379 The string following this keyword must be a URL for a SOCKS proxy, for example,
 380 \fBsocks://socks-proxy\fR.
 381 .RE
 382 
 383 .sp
 384 .ne 2
 385 .na
 386 \fBuse_http\fR
 387 .ad
 388 .sp .6
 389 .RS 4n
 390 If this keyword is present in the file, \fBin.iked\fR(1M) uses HTTP to retrieve
 391 Certificate Revocation Lists (\fBCRL\fRs).
 392 .RE
 393 
 394 .sp
 395 .LP
 396 The following IKE phase 1 transform parameters can be prefigured using
 397 file-level defaults. Values specified within any given transform override these
 398 defaults.
 399 .sp
 400 .LP
 401 The IKE phase 1 transform defaults are as follows:
 402 .sp
 403 .ne 2
 404 .na
 405 \fBp1_lifetime_secs \fInum\fR\fR
 406 .ad
 407 .sp .6
 408 .RS 4n
 409 The proposed default lifetime, in seconds, of an IKE phase 1 security
 410 association (\fBSA\fR).
 411 .RE
 412 
 413 .sp
 414 .ne 2
 415 .na
 416 \fBp1_nonce_len \fInum\fR\fR
 417 .ad
 418 .sp .6
 419 .RS 4n
 420 The length in bytes of the phase 1 (quick mode) nonce data. This cannot be
 421 specified on a per-rule basis.
 422 .RE
 423 
 424 .sp
 425 .LP
 426 The following IKE rule parameters can be prefigured using file-level defaults.
 427 Values specified within any given rule override these defaults, unless a rule
 428 cannot.
 429 .sp
 430 .ne 2
 431 .na
 432 \fBp2_lifetime_secs \fInum\fR\fR
 433 .ad
 434 .sp .6
 435 .RS 4n
 436 The proposed default lifetime, in seconds, of an IKE phase 2 security
 437 association (SA). This value is optional. If omitted, a default value is used.
 438 .RE
 439 
 440 .sp
 441 .ne 2
 442 .na
 443 \fBp2_softlife_secs \fInum\fR\fR
 444 .ad
 445 .sp .6
 446 .RS 4n
 447 The soft lifetime of a phase 2 SA, in seconds. If this value is specified, the
 448 SA soft expires after the number of seconds specified by
 449 \fBp2_softlife_secs\fR. This causes \fBin.iked\fR to renegotiate a new phase 2
 450 SA before the original SA expires.
 451 .sp
 452 This value is optional, if omitted soft expiry occurs after 90% of the lifetime
 453 specified by \fBp2_lifetime_secs\fR. The value specified by
 454 \fBp2_softlife_secs\fR is ignored if \fBp2_lifetime_secs\fR is not specified.
 455 .sp
 456 Setting \fBp2_softlife_secs\fR to the same value as \fBp2_lifetime_secs\fR
 457 disables soft expires.
 458 .RE
 459 
 460 .sp
 461 .ne 2
 462 .na
 463 \fBp2_idletime_secs \fInum\fR\fR
 464 .ad
 465 .sp .6
 466 .RS 4n
 467 The idle lifetime of a phase 2 SA, in seconds. If the value is specified, the
 468 value specifies the lifetime of the SA, if the security association is not used
 469 before the SA is revalidated.
 470 .RE
 471 
 472 .sp
 473 .ne 2
 474 .na
 475 \fBp2_lifetime_kb \fInum\fR\fR
 476 .ad
 477 .sp .6
 478 .RS 4n
 479 The lifetime of an SA can optionally be specified in kilobytes. This parameter
 480 specifies the default value. If lifetimes are specified in both seconds and
 481 kilobytes, the SA expires when either the seconds or kilobyte threshholds are
 482 passed.
 483 .RE
 484 
 485 .sp
 486 .ne 2
 487 .na
 488 \fBp2_softlife_kb \fInum\fR\fR
 489 .ad
 490 .sp .6
 491 .RS 4n
 492 This value is the number of kilobytes that can be protected by an SA before a
 493 soft expire occurs (see \fBp2_softlife_secs\fR, above).
 494 .sp
 495 This value is optional. If omitted, soft expiry occurs after 90% of the
 496 lifetime specified by \fBp2_lifetime_kb\fR. The value specified by
 497 \fBp2_softlife_kb\fR is ignored if \fBp2_lifetime_kb\fR is not specified.
 498 .RE
 499 
 500 .sp
 501 .ne 2
 502 .na
 503 \fBp2_nonce_len \fInum\fR\fR
 504 .ad
 505 .sp .6
 506 .RS 4n
 507 The length in bytes of the phase 2 (quick mode) nonce data. This cannot be
 508 specified on a per-rule basis.
 509 .RE
 510 
 511 .sp
 512 .ne 2
 513 .na
 514 \fBlocal_id_type \fIp1-id-type\fR\fR
 515 .ad
 516 .sp .6
 517 .RS 4n
 518 The local identity for IKE requires a type. This identity type is reflected in
 519 the IKE exchange. The type can be one of the following:
 520 .RS +4
 521 .TP
 522 .ie t \(bu
 523 .el o
 524 an IP address (for example, \fB10.1.1.2\fR)
 525 .RE
 526 .RS +4
 527 .TP
 528 .ie t \(bu
 529 .el o
 530 DNS name (for example, \fBtest.domain.com\fR)
 531 .RE
 532 .RS +4
 533 .TP
 534 .ie t \(bu
 535 .el o
 536 MBOX RFC 822 name (for example, \fBroot@domain.com\fR)
 537 .RE
 538 .RS +4
 539 .TP
 540 .ie t \(bu
 541 .el o
 542 DNX.509 distinguished name (for example, \fBC=US, O=Sun Microsystems\, Inc.,
 543 CN=Sun Test cert\fR)
 544 .RE
 545 .RE
 546 
 547 .sp
 548 .ne 2
 549 .na
 550 \fBp1_xform '{' parameter-list '}\fR
 551 .ad
 552 .sp .6
 553 .RS 4n
 554 A phase 1 transform specifies a method for protecting an IKE phase 1 exchange.
 555 An initiator offers up lists of phase 1 transforms, and a receiver is expected
 556 to only accept such an entry if it matches one in a phase 1 rule. There can be
 557 several of these, and they are additive. There must be either at least one
 558 phase 1 transform in a rule or a global default phase 1 transform list. In a
 559 configuration file without a global default phase 1 transform list \fBand\fR a
 560 rule without a phase, transform list is an invalid file. Unless specified as
 561 optional, elements in the parameter-list must occur exactly once within a given
 562 transform's parameter-list:
 563 .sp
 564 .ne 2
 565 .na
 566 \fBoakley_group \fInumber\fR\fR
 567 .ad
 568 .sp .6
 569 .RS 4n
 570 The Oakley Diffie-Hellman group used for IKE SA key derivation. The group
 571 numbers are defined in RFC 2409, Appendix A, RFC 3526, and RFC 5114, section
 572 3.2. Acceptable values are currently:
 573 .br
 574 .in +2
 575 1 (MODP 768-bit)
 576 .in -2
 577 .br
 578 .in +2
 579 2 (MODP 1024-bit)
 580 .in -2
 581 .br
 582 .in +2
 583 3 (EC2N 155-bit)
 584 .in -2
 585 .br
 586 .in +2
 587 4 (EC2N 185-bit)
 588 .in -2
 589 .br
 590 .in +2
 591 5 (MODP 1536-bit)
 592 .in -2
 593 .br
 594 .in +2
 595 14 (MODP 2048-bit)
 596 .in -2
 597 .br
 598 .in +2
 599 15 (MODP 3072-bit)
 600 .in -2
 601 .br
 602 .in +2
 603 16 (MODP 4096-bit)
 604 .in -2
 605 .br
 606 .in +2
 607 17 (MODP 6144-bit)
 608 .in -2
 609 .br
 610 .in +2
 611 18 (MODP 8192-bit)
 612 .in -2
 613 .br
 614 .in +2
 615 19 (ECP 256-bit)
 616 .in -2
 617 .br
 618 .in +2
 619 20 (ECP 384-bit)
 620 .in -2
 621 .br
 622 .in +2
 623 21 (ECP 521-bit)
 624 .in -2
 625 .br
 626 .in +2
 627 22 (MODP 1024-bit, with 160-bit Prime Order Subgroup)
 628 .in -2
 629 .br
 630 .in +2
 631 23 (MODP 2048-bit, with 224-bit Prime Order Subgroup)
 632 .in -2
 633 .br
 634 .in +2
 635 24 (MODP 2048-bit, with 256-bit Prime Order Subgroup)
 636 .in -2
 637 .br
 638 .in +2
 639 25 (ECP 192-bit)
 640 .in -2
 641 .br
 642 .in +2
 643 26 (ECP 224-bit)
 644 .in -2
 645 .RE
 646 
 647 .sp
 648 .ne 2
 649 .na
 650 \fBencr_alg {3des, 3des-cbc, blowfish, blowfish-cdc, des, des-cbc, aes,
 651 aes-cbc}\fR
 652 .ad
 653 .sp .6
 654 .RS 4n
 655 An encryption algorithm, as in \fBipsecconf\fR(1M). However, of the ciphers
 656 listed above, only \fBaes\fR and \fBaes-cbc\fR allow optional key-size setting,
 657 using the "low value-to-high value" syntax. To specify a single AES key size,
 658 the low value must equal the high value. If no range is specified, all three
 659 AES key sizes are allowed.
 660 .RE
 661 
 662 .sp
 663 .ne 2
 664 .na
 665 \fBauth_alg {md5, sha, sha1, sha256, sha384, sha512}\fR
 666 .ad
 667 .sp .6
 668 .RS 4n
 669 An authentication algorithm.
 670 .sp
 671 Use \fBipsecalgs\fR(1M) with the \fB-l\fR option to list the IPsec protocols
 672 and algorithms currently defined on a system. The \fBcryptoadm list\fR command
 673 diplays a list of installed providers and their mechanisms. See
 674 \fBcryptoadm\fR(1M).
 675 .RE
 676 
 677 .sp
 678 .ne 2
 679 .na
 680 \fBauth_method {preshared, rsa_sig, rsa_encrypt, dss_sig}\fR
 681 .ad
 682 .sp .6
 683 .RS 4n
 684 The authentication method used for IKE phase 1.
 685 .RE
 686 
 687 .sp
 688 .ne 2
 689 .na
 690 \fBp1_lifetime_secs \fInum\fR\fR
 691 .ad
 692 .sp .6
 693 .RS 4n
 694 Optional. The lifetime for a phase 1 SA.
 695 .RE
 696 
 697 .RE
 698 
 699 .sp
 700 .ne 2
 701 .na
 702 \fBp2_lifetime_secs \fInum\fR\fR
 703 .ad
 704 .sp .6
 705 .RS 4n
 706 If configuring the kernel defaults is not sufficient for different tasks, this
 707 parameter can be used on a per-rule basis to set the IPsec \fBSA\fR lifetimes
 708 in seconds.
 709 .RE
 710 
 711 .sp
 712 .ne 2
 713 .na
 714 \fBp2_pfs \fInum\fR\fR
 715 .ad
 716 .sp .6
 717 .RS 4n
 718 Use perfect forward secrecy for phase 2 (quick mode). If selected, the oakley
 719 group specified is used for phase 2 PFS. Acceptable values are:
 720 .br
 721 .in +2
 722 0 (do not use Perfect Forward Secrecy for IPsec SAs)
 723 .in -2
 724 .br
 725 .in +2
 726 1 (768-bit)
 727 .in -2
 728 .br
 729 .in +2
 730 2 (1024-bit)
 731 .in -2
 732 .br
 733 .in +2
 734 5 (1536-bit)
 735 .in -2
 736 .br
 737 .in +2
 738 14 (2048-bit)
 739 .in -2
 740 .br
 741 .in +2
 742 15 (3072-bit)
 743 .in -2
 744 .br
 745 .in +2
 746 16 (4096-bit)
 747 .in -2
 748 .RE
 749 
 750 .sp
 751 .LP
 752 An IKE rule starts with a right-curly-brace (\fB{\fR), ends with a
 753 left-curly-brace (\fB}\fR), and has the following parameters in between:
 754 .sp
 755 .ne 2
 756 .na
 757 \fBlabel \fIstring\fR\fR
 758 .ad
 759 .sp .6
 760 .RS 4n
 761 Required parameter. The administrative interface to \fBin.iked\fR looks up
 762 phase 1 policy rules with the label as the search string. The administrative
 763 interface also converts the label into an index, suitable for an extended
 764 ACQUIRE message from PF_KEY - effectively tying IPsec policy to IKE policy in
 765 the case of a node initiating traffic. Only one \fBlabel\fR parameter is
 766 allowed per rule.
 767 .RE
 768 
 769 .sp
 770 .ne 2
 771 .na
 772 \fBlocal_addr <\fIIPaddr\fR/\fIprefix\fR/\fIrange\fR>\fR
 773 .ad
 774 .sp .6
 775 .RS 4n
 776 Required parameter. The local address, address prefix, or address range for
 777 this phase 1 rule. Multiple \fBlocal_addr\fR parameters accumulate within a
 778 given rule.
 779 .RE
 780 
 781 .sp
 782 .ne 2
 783 .na
 784 \fBremote_addr <\fIIPaddr\fR/\fIprefix\fR/\fIrang\fRe>\fR
 785 .ad
 786 .sp .6
 787 .RS 4n
 788 Required parameter. The remote address, address prefix, or address range for
 789 this phase 1 rule. Multiple \fBremote_addr\fR parameters accumulate within a
 790 given rule.
 791 .RE
 792 
 793 .sp
 794 .ne 2
 795 .na
 796 \fBlocal_id_type \fIp1-id-type\fR\fR
 797 .ad
 798 .sp .6
 799 .RS 4n
 800 Which phase 1 identity type I uses. This is needed because a single certificate
 801 can contain multiple values for use in IKE phase 1. Within a given rule, all
 802 phase 1 transforms must either use preshared or non-preshared authentication
 803 (they cannot be mixed). For rules with preshared authentication, the
 804 \fBlocal_id_type\fR parameter is optional, and defaults to \fBIP\fR. For rules
 805 which use non-preshared authentication, the 'local_id_type' parameter is
 806 required. Multiple 'local_id_type' parameters within a rule are not allowed.
 807 .RE
 808 
 809 .sp
 810 .ne 2
 811 .na
 812 \fBlocal_id \fIcert-sel\fR\fR
 813 .ad
 814 .sp .6
 815 .RS 4n
 816 Disallowed for preshared authentication method; required parameter for
 817 non-preshared authentication method. The local identity string or certificate
 818 selector. Only one local identity per rule is used, the first one stated.
 819 .RE
 820 
 821 .sp
 822 .ne 2
 823 .na
 824 \fBremote_id \fIcert-sel\fR\fR
 825 .ad
 826 .sp .6
 827 .RS 4n
 828 Disallowed for preshared authentication method; required parameter for
 829 non-preshared authentication method. Selector for which remote phase 1
 830 identities are allowed by this rule. Multiple \fBremote_id\fR parameters
 831 accumulate within a given rule. If a single empty string (\fB""\fR) is given,
 832 then this accepts any remote \fBID\fR for phase 1. It is recommended that
 833 certificate trust chains or address enforcement be configured strictly to
 834 prevent a breakdown in security if this value for \fBremote_id\fR is used.
 835 .RE
 836 
 837 .sp
 838 .ne 2
 839 .na
 840 \fBp2_lifetime_secs \fInum\fR\fR
 841 .ad
 842 .sp .6
 843 .RS 4n
 844 If configuring the kernel defaults is not sufficient for different tasks, this
 845 parameter can be used on a per-rule basis to set the IPsec \fBSA\fR lifetimes
 846 in seconds.
 847 .RE
 848 
 849 .sp
 850 .ne 2
 851 .na
 852 \fBp2_pfs \fInum\fR\fR
 853 .ad
 854 .sp .6
 855 .RS 4n
 856 Use perfect forward secrecy for phase 2 (quick mode). If selected, the oakley
 857 group specified is used for phase 2 PFS. Acceptable values are:
 858 .br
 859 .in +2
 860 0 (do not use Perfect Forward Secrecy for IPsec SAs)
 861 .in -2
 862 .br
 863 .in +2
 864 1 (768-bit)
 865 .in -2
 866 .br
 867 .in +2
 868 2 (1024-bit)
 869 .in -2
 870 .br
 871 .in +2
 872 5 (1536-bit)
 873 .in -2
 874 .br
 875 .in +2
 876 14 (2048-bit)
 877 .in -2
 878 .br
 879 .in +2
 880 15 (3072-bit)
 881 .in -2
 882 .br
 883 .in +2
 884 16 (4096-bit)
 885 .in -2
 886 .RE
 887 
 888 .sp
 889 .ne 2
 890 .na
 891 \fBp1_xform \fB{\fR \fIparameter-list\fR \fB}\fR\fR
 892 .ad
 893 .sp .6
 894 .RS 4n
 895 A phase 1 transform specifies a method for protecting an IKE phase 1 exchange.
 896 An initiator offers up lists of phase 1 transforms, and a receiver is expected
 897 to only accept such an entry if it matches one in a phase 1 rule. There can be
 898 several of these, and they are additive. There must be either at least one
 899 phase 1 transform in a rule or a global default phase 1 transform list. A
 900 \fBike.config\fR file without a global default phase 1transform list \fBand\fR
 901 a rule without a phase 1 transform list is an invalid file. Elements within the
 902 parameter-list; unless specified as optional, must occur exactly once within a
 903 given transform's parameter-list:
 904 .sp
 905 .ne 2
 906 .na
 907 \fBoakley_group \fInumber\fR\fR
 908 .ad
 909 .sp .6
 910 .RS 4n
 911 The Oakley Diffie-Hellman group used for \fBIKE SA\fR key derivation.
 912 Acceptable values are currently:
 913 .br
 914 .in +2
 915 1 (768-bit)
 916 .in -2
 917 .br
 918 .in +2
 919 2 (1024-bit)
 920 .in -2
 921 .br
 922 .in +2
 923 5 (1536-bit)
 924 .in -2
 925 .br
 926 .in +2
 927 14 (2048-bit)
 928 .in -2
 929 .br
 930 .in +2
 931 15 (3072-bit)
 932 .in -2
 933 .br
 934 .in +2
 935 16 (4096-bit)
 936 .in -2
 937 .RE
 938 
 939 .sp
 940 .ne 2
 941 .na
 942 \fBencr_alg {3des, 3des-cbc, blowfish, blowfish-cdc, des, des-cbc, aes,
 943 aes-cbc}\fR
 944 .ad
 945 .sp .6
 946 .RS 4n
 947 An encryption algorithm, as in \fBipsecconf\fR(1M). However, of the ciphers
 948 listed above, only \fBaes\fR and \fBaes-cbc\fR allow optional key-size setting,
 949 using the "low value-to-high value" syntax. To specify a single AES key size,
 950 the low value must equal the high value. If no range is specified, all three
 951 AES key sizes are allowed.
 952 .RE
 953 
 954 .sp
 955 .ne 2
 956 .na
 957 \fBauth_alg {md5, sha, sha1}\fR
 958 .ad
 959 .sp .6
 960 .RS 4n
 961 An authentication algorithm, as specified in \fBipseckey\fR(1M).
 962 .RE
 963 
 964 .sp
 965 .ne 2
 966 .na
 967 \fBauth_method {preshared, rsa_sig, rsa_encrypt, dss_sig}\fR
 968 .ad
 969 .sp .6
 970 .RS 4n
 971 The authentication method used for IKE phase 1.
 972 .RE
 973 
 974 .sp
 975 .ne 2
 976 .na
 977 \fBp1_lifetime_secs \fInum\fR\fR
 978 .ad
 979 .sp .6
 980 .RS 4n
 981 Optional. The lifetime for a phase 1 SA.
 982 .RE
 983 
 984 .RE
 985 
 986 .SH EXAMPLES
 987 .LP
 988 \fBExample 1 \fRA Sample \fBike.config\fR File
 989 .sp
 990 .LP
 991 The following is an example of an \fBike.config\fR file:
 992 
 993 .sp
 994 .in +2
 995 .nf
 996 
 997 ### BEGINNING OF FILE
 998 
 999 ### First some global parameters...
1000 
1001 ### certificate parameters...
1002 
1003 # Root certificates. I SHOULD use a full Distinguished Name.
1004 # I must have this certificate in my local filesystem, see ikecert(1m).
1005 cert_root    "C=US, O=Sun Microsystems\\, Inc., CN=Sun CA"
1006 
1007 # Explicitly trusted certs that need no signatures, or perhaps
1008 # self-signed ones. Like root certificates, use full DNs for them
1009 # for now.
1010 cert_trust    "EMAIL=root@domain.org"
1011 
1012 # Where do I send LDAP requests?
1013 ldap_server        "ldap1.domain.org,ldap2.domain.org:389"
1014 
1015 ## phase 1 transform defaults...
1016 
1017 p1_lifetime_secs 14400
1018 p1_nonce_len 20
1019 
1020 ## Parameters that might also show up in rules.
1021 
1022 p1_xform { auth_method preshared oakley_group 5 auth_alg sha
1023           encr_alg 3des }
1024 p2_pfs 2
1025 
1026 
1027 
1028 ### Now some rules...
1029 
1030 {
1031    label "simple inheritor"
1032    local_id_type ip
1033    local_addr 10.1.1.1
1034    remote_addr 10.1.1.2
1035 }
1036 {
1037    label "simple inheritor IPv6"
1038    local_id_type ipv6
1039    local_addr fe80::a00:20ff:fe7d:6
1040    remote_addr fe80::a00:20ff:fefb:3780
1041 }
1042 
1043 {
1044    # an index-only rule.  If I'm a receiver, and all I
1045    # have are index-only rules, what do I do about inbound IKE requests?
1046    # Answer:  Take them all!
1047 
1048    label "default rule"
1049    # Use whatever "host" (e.g. IP address) identity is appropriate
1050    local_id_type ipv4
1051 
1052    local_addr 0.0.0.0/0
1053    remote_addr 0.0.0.0/0
1054 
1055    p2_pfs 5
1056 
1057    # Now I'm going to have the p1_xforms
1058    p1_xform
1059    {auth_method preshared  oakley_group 5  auth_alg md5  encr_alg \e
1060     blowfish }   p1_xform
1061    {auth_method preshared  oakley_group 5  auth_alg md5  encr_alg 3des }
1062 
1063    # After said list, another keyword (or a '}') stops xform
1064    # parsing.
1065 }
1066 
1067 {
1068    # Let's try something a little more conventional.
1069 
1070    label "host to .80 subnet"
1071    local_id_type ip
1072    local_id "10.1.86.51"
1073 
1074    remote_id ""    # Take any, use remote_addr for access control.
1075 
1076    local_addr 10.1.86.51
1077    remote_addr 10.1.80.0/24
1078 
1079    p1_xform
1080    { auth_method rsa_sig  oakley_group 5  auth_alg md5  encr_alg 3des }
1081    p1_xform
1082    { auth_method rsa_sig  oakley_group 5  auth_alg md5  encr_alg \e
1083      blowfish }
1084    p1_xform
1085    { auth_method rsa_sig  oakley_group 5  auth_alg sha1  encr_alg 3des }
1086    p1_xform
1087    { auth_method rsa_sig  oakley_group 5  auth_alg sha1  encr_alg \e
1088      blowfish }
1089 }
1090 
1091 {
1092    # Let's try something a little more conventional, but with ipv6.
1093 
1094     label "host to fe80::/10 subnet"
1095     local_id_type ip
1096     local_id "fe80::a00:20ff:fe7d:6"
1097 
1098     remote_id ""    # Take any, use remote_addr for access control.
1099 
1100     local_addr fe80::a00:20ff:fe7d:6
1101     remote_addr fe80::/10
1102 
1103     p1_xform
1104     { auth_method rsa_sig  oakley_group 5  auth_alg md5  encr_alg 3des }
1105     p1_xform
1106     { auth_method rsa_sig  oakley_group 5  auth_alg md5  encr_alg \e
1107       blowfish }
1108     p1_xform
1109     { auth_method rsa_sig  oakley_group 5  auth_alg sha1  encr_alg \e
1110       3des }
1111     p1_xform
1112     { auth_method rsa_sig  oakley_group 5  auth_alg sha1  encr_alg \e
1113       blowfish }
1114 }
1115 
1116 {
1117     # How 'bout something with a different cert type and name?
1118 
1119     label "punchin-point"
1120     local_id_type mbox
1121     local_id "ipsec-wizard@domain.org"
1122 
1123     remote_id "10.5.5.128"
1124 
1125     local_addr 0.0.0.0/0
1126     remote_addr 10.5.5.128
1127 
1128     p1_xform
1129     { auth_method rsa_sig oakley_group 5 auth_alg md5 encr_alg \e
1130       blowfish }
1131 }
1132 
1133 {
1134    label "receiver side"
1135 
1136    remote_id "ipsec-wizard@domain.org"
1137 
1138    local_id_type ip
1139    local_id "10.5.5.128"
1140 
1141    local_addr 10.5.5.128
1142    remote_addr 0.0.0.0/0
1143 
1144    p1_xform
1145    { auth_method rsa_sig oakley_group 5 auth_alg md5 encr_alg blowfish }
1146    # NOTE:  Specifying preshared null-and-voids the remote_id/local_id
1147    #        fields.
1148    p1_xform
1149    { auth_method preshared oakley_group 5 auth_alg md5 encr_alg \e
1150      blowfish}
1151 
1152 }
1153 .fi
1154 .in -2
1155 
1156 .SH ATTRIBUTES
1157 .LP
1158 See \fBattributes\fR(5) for descriptions of the following attributes:
1159 .sp
1160 
1161 .sp
1162 .TS
1163 box;
1164 c | c
1165 l | l .
1166 ATTRIBUTE TYPE  ATTRIBUTE VALUE
1167 _
1168 Interface Stability     Committed
1169 .TE
1170 
1171 .SH SEE ALSO
1172 .LP
1173 \fBcryptoadm\fR(1M), \fBikeadm\fR(1M), \fBin.iked\fR(1M), \fBikecert\fR(1M),
1174 \fBipseckey\fR(1M), \fBipsecalgs\fR(1M), \fBipsecconf\fR(1M), \fBsvccfg\fR(1M),
1175 \fBdlopen\fR(3C), \fBattributes\fR(5), \fBrandom\fR(7D)
1176 .sp
1177 .LP
1178 Harkins, Dan and Carrel, Dave. \fIRFC 2409, Internet Key Exchange (IKE)\fR.
1179 Cisco Systems, November 1998.
1180 .sp
1181 .LP
1182 Maughan, Douglas et. al. \fIRFC 2408, Internet Security Association and Key
1183 Management Protocol (ISAKMP)\fR. National Security Agency, Ft. Meade, MD.
1184 November 1998.
1185 .sp
1186 .LP
1187 Piper, Derrell. \fIRFC 2407, The Internet IP Security Domain of Interpretation
1188 for ISAKMP\fR. Network Alchemy. Santa Cruz, California. November 1998.
1189 .sp
1190 .LP
1191 Kivinen, T. \fIRFC 3526, More Modular Exponential (MODP) Diffie-Hellman Groups
1192 for Internet Key Exchange (IKE)\fR. The Internet Society, Network Working
1193 Group. May 2003.
1194 .sp
1195 .LP
1196 Lepinksi, M. and Kent, S. \fIRFC 5114, Additional Diffie-Hellman Groups for Use
1197 with IETF Standards\fR. BBN Technologies, January 2008.
1198 .sp
1199 .LP
1200 Fu, D. and Solinas, J. \fIRFC 5903, Elliptic Curve Groups modulo a Prime (ECP
1201 Groups) for IKE and IKEv2\fR. NSA, June 2010.