I am trying to set up an ipsec bridge using the template and
instructions found in the brconfig man page (OpenBSD 4.6):
Create Security Associations (SAs) between the external IP
address of
each bridge and matching ingress flows by using the following
ipsec.conf(5) file on bridge1:
esp from 1.2.3.4 to 4.3.2.1 spi 0x4242:0x4243 \
authkey file "auth1:auth2" enckey file "enc1:enc2"
flow esp proto etherip from 1.2.3.4 to 4.3.2.1
I was curious as to the exact meaning of the colon, specifically the
auth1:auth2 and enc1:enc2 arguments.
Do they mean references to the 4 keys, two on each of the machines?
E.g.
om 1.2.3.4 to 4.3.2.1 spi 0x4242:0x4243 \
authkey file "/etc/keys/auth1:/etc/keys/auth2"
enckey file "/etc/keys/enc1:/etc/keys/enc2"
flow esp proto etherip from 1.2.3.4 to 4.3.2.1
---
Russell P. Sutherland Email: russ @ madhaus.cns.utoronto.ca
4 Bancroft Ave., Rm. 102 Voice: +1.416.978.0470
University of Toronto Fax: +1.416.978.6620
Toronto, ON M5S 1C1
CANADA
