1ike.config(4) File Formats ike.config(4)
2
3
4
6 ike.config - configuration file for IKE policy
7
9 /etc/inet/ike/config
10
11
13 The /etc/inet/ike/config file contains rules for matching inbound IKE
14 requests. It also contains rules for preparing outbound IKE requests.
15
16
17 You can test the syntactic correctness of an /etc/inet/ike/config file
18 by using the -c or -f options of in.iked(1M). You must use the -c
19 option to test a config file. You might need to use the -f option if it
20 is not in /etc/inet/ike/config.
21
22 Lexical Components
23 On any line, an unquoted # character introduces a comment. The remain‐
24 der of that line is ignored. Additionally, on any line, an unquoted //
25 sequence introduces a comment. The remainder of that line is ignored.
26
27
28 There are several types of lexical tokens in the ike.config file:
29
30 num
31
32 A decimal, hex, or octal number representation is as in 'C'.
33
34
35 IPaddr/prefix/range
36
37 An IPv4 or IPv6 address with an optional /NNN suffix, (where NNN is
38 a num) that indicates an address (CIDR) prefix (for example,
39 10.1.2.0/24). An optional /ADDR suffix (where ADDR is a second IP
40 address) indicates an address/mask pair (for example,
41 10.1.2.0/255.255.255.0). An optional -ADDR suffix (where ADDR is a
42 second IPv4 address) indicates an inclusive range of addresses (for
43 example, 10.1.2.0-10.1.2.255). The / or - can be surrounded by an
44 arbitrary amount of white space.
45
46
47 XXX | YYY | ZZZ
48
49 Either the words XXX, YYY, or ZZZ, for example, {yes,no}.
50
51
52 p1-id-type
53
54 An IKE phase 1 identity type. IKE phase 1 identity types include:
55 dn, DN
56 dns, DNS
57 fqdn, FQDN
58 gn, GN
59 ip, IP
60 ipv4
61 ipv4_prefix
62 ipv4_range
63 ipv6
64 ipv6_prefix
65 ipv6_range
66 mbox, MBOX
67 user_fqdn
68
69
70 "string"
71
72 A quoted string.
73
74 Examples include:"Label foo", or "C=US, OU=Sun Microsystems\, Inc.,
75 N=olemcd@eng.example.com"
76
77 A backslash (\) is an escape character. If the string needs an
78 actual backslash, two must be specified.
79
80
81 cert-sel
82
83 A certificate selector, a string which specifies the identities of
84 zero or more certificates. The specifiers can conform to X.509 nam‐
85 ing conventions.
86
87 A cert-sel can also use various shortcuts to match either subject
88 alternative names, the filename or slot of a certificate in
89 /etc/inet/ike/publickeys, or even the ISSUER. For example:
90
91 "SLOT=0"
92 "EMAIL=postmaster@domain.org"
93 "webmaster@domain.org" # Some just work w/o TYPE=
94 "IP=10.0.0.1"
95 "10.21.11.11" # Some just work w/o TYPE=
96 "DNS=www.domain.org"
97 "mailhost.domain.org" # Some just work w/o TYPE=
98 "ISSUER=C=US, O=Sun Microsystems\, Inc., CN=Sun CA"
99
100
101 Any cert-sel preceded by the character ! indicates a negative
102 match, that is, not matching this specifier. These are the same
103 kind of strings used in ikecert(1M).
104
105
106 ldap-list
107
108 A quoted, comma-separated list of LDAP servers and ports.
109
110 For example, "ldap1.example.com", "ldap1.example.com:389",
111 "ldap1.example.com:389,ldap2.example.com".
112
113 The default port for LDAP is 389.
114
115
116 parameter-list
117
118 A list of parameters.
119
120
121 File Body Entries
122 There are four main types of entries:
123
124 o global parameters
125
126 o IKE phase 1 transform defaults
127
128 o IKE rule defaults
129
130 o IKE rules
131
132
133 The global parameter entries are as follows:
134
135 cert_root cert-sel
136
137 The X.509 distinguished name of a certificate that is a trusted
138 root CA certificate.It must be encoded in a file in the
139 /etc/inet/ike/publickeys directory. It must have a CRL in
140 /etc/inet/ike/crls. Multiple cert_root parameters aggregate.
141
142
143 cert_trust cert-sel
144
145 Specifies an X.509 distinguished name of a certificate that is
146 self-signed, or has otherwise been verified as trustworthy for
147 signing IKE exchanges. It must be encoded in a file in
148 /etc/inet/ike/publickeys. Multiple cert_trust parameters aggregate.
149
150
151 expire_timer integer
152
153 The number of seconds to let a not-yet-complete IKE Phase I (Main
154 Mode) negotiation linger before deleting it. Default value: 300
155 seconds.
156
157
158 ignore_crls
159
160 If this keyword is present in the file, in.iked(1M) ignores Cer‐
161 tificate Revocation Lists (CRLs) for root CAs (as given in
162 cert_root)
163
164
165 ldap_server ldap-list
166
167 A list of LDAP servers to query for certificates. The list can be
168 additive.
169
170
171 pkcs11_path string
172
173 The string that follows is a name of a shared object (.so) that
174 implements the PKCS#11 standard. The name is passed directly into
175 dlopen(3C) for linking, with all of the semantics of that library
176 call. By default, in.iked(1M) runs the same ISA as the running ker‐
177 nel, so a library specified using pkcs11_path and an absolute path‐
178 name must match the same ISA as the kernel. One can use the
179 start/exec SMF property (see svccfg(1M)) to change in.iked's ISA,
180 but it is not recommended.
181
182 If this setting is not present, the default value is set to libp‐
183 kcs11.so. Most cryptographic providers go through the default
184 library, and this parameter should only be used if a specialized
185 provider of IKE-useful cryptographic services cannot interface with
186 the Solaris Cryptographic Framework. See cryptoadm(1M).
187
188 This option is now deprecated, and may be removed in a future
189 release.
190
191
192 retry_limit integer
193
194 The number of retransmits before any IKE negotiation is aborted.
195 Default value: 5 times.
196
197
198 retry_timer_init integer or float
199
200 The initial interval (in seconds) between retransmits. This inter‐
201 val is doubled until the retry_timer_max value (see below) is
202 reached. Default value: 0.5 seconds.
203
204
205 retry_timer_max integer or float
206
207 The maximum interval (in seconds) between retransmits. The doubling
208 retransmit interval stops growing at this limit. Default value: 30
209 seconds.
210
211 Note -
212
213 This value is never reached with the default configuration. The
214 longest interval is 8 (0.5 * 2 ^ (5 - 1)) seconds.
215
216
217 proxy string
218
219 The string following this keyword must be a URL for an HTTP proxy,
220 for example, http://proxy:8080.
221
222
223 socks string
224
225 The string following this keyword must be a URL for a SOCKS proxy,
226 for example, socks://socks-proxy.
227
228
229 use_http
230
231 If this keyword is present in the file, in.iked(1M) uses HTTP to
232 retrieve Certificate Revocation Lists (CRLs).
233
234
235
236 The following IKE phase 1 transform parameters can be prefigured using
237 file-level defaults. Values specified within any given transform over‐
238 ride these defaults.
239
240
241 The IKE phase 1 transform defaults are as follows:
242
243 p1_lifetime_secs num
244
245 The proposed default lifetime, in seconds, of an IKE phase 1 secu‐
246 rity association (SA).
247
248
249 p1_nonce_len num
250
251 The length in bytes of the phase 1 (quick mode) nonce data. This
252 cannot be specified on a per-rule basis.
253
254
255
256 The following IKE rule parameters can be prefigured using file-level
257 defaults. Values specified within any given rule override these
258 defaults, unless a rule cannot.
259
260 p2_lifetime_secs num
261
262 The proposed default lifetime, in seconds, of an IKE phase 2 secu‐
263 rity association (SA). This value is optional. If omitted, a
264 default value is used.
265
266
267 p2_softlife_secs num
268
269 The soft lifetime of a phase 2 SA, in seconds. If this value is
270 specified, the SA soft expires after the number of seconds speci‐
271 fied by p2_softlife_secs. This causes in.iked to renegotiate a new
272 phase 2 SA before the original SA expires.
273
274 This value is optional, if omitted soft expiry occurs after 90% of
275 the lifetime specified by p2_lifetime_secs. The value specified by
276 p2_softlife_secs is ignored if p2_lifetime_secs is not specified.
277
278 Setting p2_softlife_secs to the same value as p2_lifetime_secs dis‐
279 ables soft expires.
280
281
282 p2_idletime_secs num
283
284 The idle lifetime of a phase 2 SA, in seconds. If the value is
285 specified, the value specifies the lifetime of the SA, if the secu‐
286 rity association is not used before the SA is revalidated.
287
288
289 p2_lifetime_kb num
290
291 The lifetime of an SA can optionally be specified in kilobytes.
292 This parameter specifies the default value. If lifetimes are speci‐
293 fied in both seconds and kilobytes, the SA expires when either the
294 seconds or kilobyte threshholds are passed.
295
296
297 p2_softlife_kb num
298
299 This value is the number of kilobytes that can be protected by an
300 SA before a soft expire occurs (see p2_softlife_secs, above).
301
302 This value is optional. If omitted, soft expiry occurs after 90% of
303 the lifetime specified by p2_lifetime_kb. The value specified by
304 p2_softlife_kb is ignored if p2_lifetime_kb is not specified.
305
306
307 p2_nonce_len num
308
309 The length in bytes of the phase 2 (quick mode) nonce data. This
310 cannot be specified on a per-rule basis.
311
312
313 local_id_type p1-id-type
314
315 The local identity for IKE requires a type. This identity type is
316 reflected in the IKE exchange. The type can be one of the follow‐
317 ing:
318
319 o an IP address (for example, 10.1.1.2)
320
321 o DNS name (for example, test.domain.com)
322
323 o MBOX RFC 822 name (for example, root@domain.com)
324
325 o DNX.509 distinguished name (for example, C=US, O=Sun
326 Microsystems Inc., CN=Sun Test cert)
327
328
329 p1_xform '{' parameter-list '}
330
331 A phase 1 transform specifies a method for protecting an IKE phase
332 1 exchange. An initiator offers up lists of phase 1 transforms, and
333 a receiver is expected to only accept such an entry if it matches
334 one in a phase 1 rule. There can be several of these, and they are
335 additive. There must be either at least one phase 1 transform in a
336 rule or a global default phase 1 transform list. In a configuration
337 file without a global default phase 1 transform list and a rule
338 without a phase, transform list is an invalid file. Unless speci‐
339 fied as optional, elements in the parameter-list must occur exactly
340 once within a given transform's parameter-list:
341
342 oakley_group number
343
344 The Oakley Diffie-Hellman group used for IKE SA key derivation.
345 The group numbers are defined in RFC 2409, Appendix A, and RFC
346 3526. Acceptable values are currently:
347 1 (768-bit)
348 2 (1024-bit)
349 5 (1536-bit)
350 14 (2048-bit)
351 15 (3072-bit)
352 16 (4096-bit)
353
354
355 encr_alg {3des, 3des-cbc, blowfish, blowfish-cdc, des, des-cbc,
356 aes, aes-cbc}
357
358 An encryption algorithm, as in ipsecconf(1M). However, of the
359 ciphers listed above, only aes and aes-cbc allow optional key-
360 size setting, using the "low value-to-high value" syntax. To
361 specify a single AES key size, the low value must equal the
362 high value. If no range is specified, all three AES key sizes
363 are allowed.
364
365
366 auth_alg {md5, sha, sha1, sha256, sha384, sha512}
367
368 An authentication algorithm.
369
370 Use ipsecalgs(1M) with the -l option to list the IPsec proto‐
371 cols and algorithms currently defined on a system. The cryp‐
372 toadm list command diplays a list of installed providers and
373 their mechanisms. See cryptoadm(1M).
374
375
376 auth_method {preshared, rsa_sig, rsa_encrypt, dss_sig}
377
378 The authentication method used for IKE phase 1.
379
380
381 p1_lifetime_secs num
382
383 Optional. The lifetime for a phase 1 SA.
384
385
386
387 p2_lifetime_secs num
388
389 If configuring the kernel defaults is not sufficient for different
390 tasks, this parameter can be used on a per-rule basis to set the
391 IPsec SA lifetimes in seconds.
392
393
394 p2_pfs num
395
396 Use perfect forward secrecy for phase 2 (quick mode). If selected,
397 the oakley group specified is used for phase 2 PFS. Acceptable val‐
398 ues are:
399 0 (do not use Perfect Forward Secrecy for IPsec SAs)
400 1 (768-bit)
401 2 (1024-bit)
402 5 (1536-bit)
403 14 (2048-bit)
404 15 (3072-bit)
405 16 (4096-bit)
406
407
408
409 An IKE rule starts with a right-curly-brace ({), ends with a left-
410 curly-brace (}), and has the following parameters in between:
411
412 label string
413
414 Required parameter. The administrative interface to in.iked looks
415 up phase 1 policy rules with the label as the search string. The
416 administrative interface also converts the label into an index,
417 suitable for an extended ACQUIRE message from PF_KEY - effectively
418 tying IPsec policy to IKE policy in the case of a node initiating
419 traffic. Only one label parameter is allowed per rule.
420
421
422 local_addr <IPaddr/prefix/range>
423
424 Required parameter. The local address, address prefix, or address
425 range for this phase 1 rule. Multiple local_addr parameters accumu‐
426 late within a given rule.
427
428
429 remote_addr <IPaddr/prefix/range>
430
431 Required parameter. The remote address, address prefix, or address
432 range for this phase 1 rule. Multiple remote_addr parameters accu‐
433 mulate within a given rule.
434
435
436 local_id_type p1-id-type
437
438 Which phase 1 identity type I uses. This is needed because a single
439 certificate can contain multiple values for use in IKE phase 1.
440 Within a given rule, all phase 1 transforms must either use pre‐
441 shared or non-preshared authentication (they cannot be mixed). For
442 rules with preshared authentication, the local_id_type parameter is
443 optional, and defaults to IP. For rules which use non-preshared
444 authentication, the 'local_id_type' parameter is required. Multiple
445 'local_id_type' parameters within a rule are not allowed.
446
447
448 local_id cert-sel
449
450 Disallowed for preshared authentication method; required parameter
451 for non-preshared authentication method. The local identity string
452 or certificate selector. Only one local identity per rule is used,
453 the first one stated.
454
455
456 remote_id cert-sel
457
458 Disallowed for preshared authentication method; required parameter
459 for non-preshared authentication method. Selector for which remote
460 phase 1 identities are allowed by this rule. Multiple remote_id
461 parameters accumulate within a given rule. If a single empty string
462 ("") is given, then this accepts any remote ID for phase 1. It is
463 recommended that certificate trust chains or address enforcement be
464 configured strictly to prevent a breakdown in security if this
465 value for remote_id is used.
466
467
468 p2_lifetime_secs num
469
470 If configuring the kernel defaults is not sufficient for different
471 tasks, this parameter can be used on a per-rule basis to set the
472 IPsec SA lifetimes in seconds.
473
474
475 p2_pfs num
476
477 Use perfect forward secrecy for phase 2 (quick mode). If selected,
478 the oakley group specified is used for phase 2 PFS. Acceptable val‐
479 ues are:
480 0 (do not use Perfect Forward Secrecy for IPsec SAs)
481 1 (768-bit)
482 2 (1024-bit)
483 5 (1536-bit)
484 14 (2048-bit)
485 15 (3072-bit)
486 16 (4096-bit)
487
488
489 p1_xform { parameter-list }
490
491 A phase 1 transform specifies a method for protecting an IKE phase
492 1 exchange. An initiator offers up lists of phase 1 transforms, and
493 a receiver is expected to only accept such an entry if it matches
494 one in a phase 1 rule. There can be several of these, and they are
495 additive. There must be either at least one phase 1 transform in a
496 rule or a global default phase 1 transform list. A ike.config file
497 without a global default phase 1transform list and a rule without a
498 phase 1 transform list is an invalid file. Elements within the
499 parameter-list; unless specified as optional, must occur exactly
500 once within a given transform's parameter-list:
501
502 oakley_group number
503
504 The Oakley Diffie-Hellman group used for IKE SA key derivation.
505 Acceptable values are currently:
506 1 (768-bit)
507 2 (1024-bit)
508 5 (1536-bit)
509 14 (2048-bit)
510 15 (3072-bit)
511 16 (4096-bit)
512
513
514 encr_alg {3des, 3des-cbc, blowfish, blowfish-cdc, des, des-cbc,
515 aes, aes-cbc}
516
517 An encryption algorithm, as in ipsecconf(1M). However, of the
518 ciphers listed above, only aes and aes-cbc allow optional key-
519 size setting, using the "low value-to-high value" syntax. To
520 specify a single AES key size, the low value must equal the
521 high value. If no range is specified, all three AES key sizes
522 are allowed.
523
524
525 auth_alg {md5, sha, sha1}
526
527 An authentication algorithm, as specified in ipseckey(1M).
528
529
530 auth_method {preshared, rsa_sig, rsa_encrypt, dss_sig}
531
532 The authentication method used for IKE phase 1.
533
534
535 p1_lifetime_secs num
536
537 Optional. The lifetime for a phase 1 SA.
538
539
540
542 Example 1 A Sample ike.config File
543
544
545 The following is an example of an ike.config file:
546
547
548
549 ### BEGINNING OF FILE
550
551 ### First some global parameters...
552
553 ### certificate parameters...
554
555 # Root certificates. I SHOULD use a full Distinguished Name.
556 # I must have this certificate in my local filesystem, see ikecert(1m).
557 cert_root "C=US, O=Sun Microsystems\, Inc., CN=Sun CA"
558
559 # Explicitly trusted certs that need no signatures, or perhaps
560 # self-signed ones. Like root certificates, use full DNs for them
561 # for now.
562 cert_trust "EMAIL=root@domain.org"
563
564 # Where do I send LDAP requests?
565 ldap_server "ldap1.domain.org,ldap2.domain.org:389"
566
567 ## phase 1 transform defaults...
568
569 p1_lifetime_secs 14400
570 p1_nonce_len 20
571
572 ## Parameters that might also show up in rules.
573
574 p1_xform { auth_method preshared oakley_group 5 auth_alg sha
575 encr_alg 3des }
576 p2_pfs 2
577
578
579
580 ### Now some rules...
581
582 {
583 label "simple inheritor"
584 local_id_type ip
585 local_addr 10.1.1.1
586 remote_addr 10.1.1.2
587 }
588 {
589 label "simple inheritor IPv6"
590 local_id_type ipv6
591 local_addr fe80::a00:20ff:fe7d:6
592 remote_addr fe80::a00:20ff:fefb:3780
593 }
594
595 {
596 # an index-only rule. If I'm a receiver, and all I
597 # have are index-only rules, what do I do about inbound IKE requests?
598 # Answer: Take them all!
599
600 label "default rule"
601 # Use whatever "host" (e.g. IP address) identity is appropriate
602 local_id_type ipv4
603
604 local_addr 0.0.0.0/0
605 remote_addr 0.0.0.0/0
606
607 p2_pfs 5
608
609 # Now I'm going to have the p1_xforms
610 p1_xform
611 {auth_method preshared oakley_group 5 auth_alg md5 encr_alg \
612 blowfish } p1_xform
613 {auth_method preshared oakley_group 5 auth_alg md5 encr_alg 3des }
614
615 # After said list, another keyword (or a '}') stops xform
616 # parsing.
617 }
618
619 {
620 # Let's try something a little more conventional.
621
622 label "host to .80 subnet"
623 local_id_type ip
624 local_id "10.1.86.51"
625
626 remote_id "" # Take any, use remote_addr for access control.
627
628 local_addr 10.1.86.51
629 remote_addr 10.1.80.0/24
630
631 p1_xform
632 { auth_method rsa_sig oakley_group 5 auth_alg md5 encr_alg 3des }
633 p1_xform
634 { auth_method rsa_sig oakley_group 5 auth_alg md5 encr_alg \
635 blowfish }
636 p1_xform
637 { auth_method rsa_sig oakley_group 5 auth_alg sha1 encr_alg 3des }
638 p1_xform
639 { auth_method rsa_sig oakley_group 5 auth_alg sha1 encr_alg \
640 blowfish }
641 }
642
643 {
644 # Let's try something a little more conventional, but with ipv6.
645
646 label "host to fe80::/10 subnet"
647 local_id_type ip
648 local_id "fe80::a00:20ff:fe7d:6"
649
650 remote_id "" # Take any, use remote_addr for access control.
651
652 local_addr fe80::a00:20ff:fe7d:6
653 remote_addr fe80::/10
654
655 p1_xform
656 { auth_method rsa_sig oakley_group 5 auth_alg md5 encr_alg 3des }
657 p1_xform
658 { auth_method rsa_sig oakley_group 5 auth_alg md5 encr_alg \
659 blowfish }
660 p1_xform
661 { auth_method rsa_sig oakley_group 5 auth_alg sha1 encr_alg \
662 3des }
663 p1_xform
664 { auth_method rsa_sig oakley_group 5 auth_alg sha1 encr_alg \
665 blowfish }
666 }
667
668 {
669 # How 'bout something with a different cert type and name?
670
671 label "punchin-point"
672 local_id_type mbox
673 local_id "ipsec-wizard@domain.org"
674
675 remote_id "10.5.5.128"
676
677 local_addr 0.0.0.0/0
678 remote_addr 10.5.5.128
679
680 p1_xform
681 { auth_method rsa_sig oakley_group 5 auth_alg md5 encr_alg \
682 blowfish }
683 }
684
685 {
686 label "receiver side"
687
688 remote_id "ipsec-wizard@domain.org"
689
690 local_id_type ip
691 local_id "10.5.5.128"
692
693 local_addr 10.5.5.128
694 remote_addr 0.0.0.0/0
695
696 p1_xform
697 { auth_method rsa_sig oakley_group 5 auth_alg md5 encr_alg blowfish }
698 # NOTE: Specifying preshared null-and-voids the remote_id/local_id
699 # fields.
700 p1_xform
701 { auth_method preshared oakley_group 5 auth_alg md5 encr_alg \
702 blowfish}
703
704 }
705
706
708 See attributes(5) for descriptions of the following attributes:
709
710
711
712
713 ┌─────────────────────────────┬─────────────────────────────┐
714 │ ATTRIBUTE TYPE │ ATTRIBUTE VALUE │
715 ├─────────────────────────────┼─────────────────────────────┤
716 │Availability │SUNWcsr │
717 ├─────────────────────────────┼─────────────────────────────┤
718 │Interface Stability │Committed │
719 └─────────────────────────────┴─────────────────────────────┘
720
722 cryptoadm(1M), ikeadm(1M), in.iked(1M), ikecert(1M), ipseckey(1M),
723 ipsecalgs(1M), ipsecconf(1M), svccfg(1M), dlopen(3C), attributes(5),
724 random(7D)
725
726
727 Harkins, Dan and Carrel, Dave. RFC 2409, Internet Key Exchange (IKE).
728 Cisco Systems, November 1998.
729
730
731 Maughan, Douglas et. al. RFC 2408, Internet Security Association and
732 Key Management Protocol (ISAKMP). National Security Agency, Ft. Meade,
733 MD. November 1998.
734
735
736 Piper, Derrell. RFC 2407, The Internet IP Security Domain of Interpre‐
737 tation for ISAKMP. Network Alchemy. Santa Cruz, California. November
738 1998.
739
740
741 Kivinen, T. RFC 3526, More Modular Exponential (MODP) Diffie-Hellman
742 Groups for Internet Key Exchange (IKE). The Internet Society, Network
743 Working Group. May 2003.
744
745
746
747SunOS 5.11 27 Apr 2009 ike.config(4)