Displaying 2 results from an estimated 2 matches for "verify_cert".
2004 Sep 24
2
strange behavior of ipsec tunnel mode
...ituation identity_only;
my_identifier asn1dn;
peers_identifier asn1dn;
verify_identifier on;
certificate_type x509 "mad.public" "mad.private";
peers_certfile x509 "laptop.public";
send_cert on;
send_cr on;
verify_cert on;
lifetime time 300 sec;
passive off;
proposal_check strict;
nonce_size 256;
proposal {
encryption_algorithm blowfish 448;
hash_algorithm sha1 512;
authentication_method rsasig;
dh_group modp4...
2007 Sep 03
3
Shorewall + IPSec: help debugging why gw1<->gw2 SA works, but loc<->gw2 traffic doesn't trigger SA
.../racoon/racoon.conf (dynamically generated):
path certificate "/etc/racoon/certs";
>
> listen
> {
> isakmp 5.6.7.8;
> }
>
> remote 1.2.3.4
> {
> exchange_mode main;
> certificate_type x509 "sandy.pem" "sandy_key.pem";
> verify_cert on;
> my_identifier asn1dn ;
> peers_identifier asn1dn ;
> verify_identifier on ;
> lifetime time 24 hour ;
> proposal {
> encryption_algorithm blowfish;
> hash_algorithm sha1;
> authentication_method rsasig ;
> dh_group...