aboutsummaryrefslogtreecommitdiffstats
path: root/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel
diff options
context:
space:
mode:
Diffstat (limited to 'recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel')
-rwxr-xr-xrecipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel42
1 files changed, 42 insertions, 0 deletions
diff --git a/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel
new file mode 100755
index 00000000..b2cf84bf
--- /dev/null
+++ b/recipes-connectivity/ipsec-demo/ipsec-demo/test_setkey/left.conf-aes-md5-tunnel
@@ -0,0 +1,42 @@
+#!/usr/sbin/setkey -f
+#
+#
+# Example ESP Tunnel for VPN.
+#
+# ========= ESP =========
+# | |
+# Network-A Gateway-A Gateway-B Network-B
+# 192.168.1.0/24 ---- 200.200.200.10 ------ 200.200.200.20 ---- 192.168.2.0/24
+#
+# ====== 83xx board A ====== ===== 83xx board B =====
+# | | | |
+# eth0 eth1 eth1 eth0
+# 192.168.1.130 200.200.200.10 200.200.200.20 192.168.2.130
+#
+#
+# Board A setup
+#
+# Flush the SAD and SPD
+flush;
+spdflush;
+
+# I am gateway A (eth0:192.168.1.130, eth1:200.200.200.10)
+#
+# Security policies
+spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
+ esp/tunnel/200.200.200.10-200.200.200.20/require;
+
+spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
+ esp/tunnel/200.200.200.20-200.200.200.10/require;
+
+
+# ESP SAs doing encryption using 192 bit long keys (168 + 24 parity)
+# and hmac-md5 authentication using 128 bit long keys
+add 200.200.200.10 200.200.200.20 esp 0x201 -m tunnel
+ -E aes-cbc 0x7aeaca3f87d060a12f4a4487d5a5c3355920fae69a96c831
+ -A hmac-md5 0xd5f603abc8cd9d19319ca32fb955b10f;
+
+add 200.200.200.20 200.200.200.10 esp 0x301 -m tunnel
+ -E aes-cbc 0xf6ddb555acfd9d77b03ea3843f2653255afe8eb5573965df
+ -A hmac-md5 0x1dd90b4c32dcbe9d37b555a23df5170e;
+