诺基亚S60手机使用 VPN 之 OpenSwan 安装配置和VPN规则的生成
2010-02-20 16:12:00 来源:WEB开发网[POLICYNAME]
VPN Beta
[POLICYDESCRIPTION]
VPN Beta
[POLICYVERSION]
1.1
[ISSUERNAME]
Do not edit
[CONTACTINFO]
Do not edit
实际上只是一个简单的规则标识,并不牵涉实际的配置问题。而真正的设置是存在VPN.pol文件中,其内容如下:
SECURITY_FILE_VERSION: 3
[INFO]
VPN
[POLICY]
sa ipsec_1 = {
esp
encrypt_alg 12
max_encrypt_bits 256
auth_alg 3
identity_remote 0.0.0.0/0
src_specific
hard_lifetime_bytes 0
hard_lifetime_addtime 3600
hard_lifetime_usetime 3600
soft_lifetime_bytes 0
soft_lifetime_addtime 3600
soft_lifetime_usetime 3600
}
remote 0.0.0.0 0.0.0.0 = { ipsec_1(IPSec VPN服务器地址) }
inbound = { }
outbound = { }
[IKE]
ADDR: IPSec VPN服务器地址 255.255.255.255
MODE: Main
SEND_NOTIFICATION: TRUE
ID_TYPE: 11
FQDN: MobileGroup
GROUP_DESCRIPTION_II: MODP_1536
USE_COMMIT: FALSE
IPSEC_EXPIRE: FALSE
SEND_CERT: FALSE
INITIAL_CONTACT: FALSE
RESPONDER_LIFETIME: TRUE
REPLAY_STATUS: TRUE
USE_INTERNAL_ADDR: FALSE
USE_NAT_PROBE: FALSE
DNS_SERVER: 8.8.8.8 <- DNS服务器的IP地址
ESP_UDP_PORT: 0
NAT_KEEPALIVE: 60
USE_XAUTH: TRUE
USE_MODE_CFG: TRUE
REKEYING_THRESHOLD: 90
PROPOSALS: 1
ENC_ALG: AES256-CBC
AUTH_METHOD: PRE-SHARED
HASH_ALG: SHA1
GROUP_DESCRIPTION: MODP_1536
GROUP_TYPE: DEFAULT
更多精彩
赞助商链接