add accessremote USER "name_USER""name_ADDRESS" SKIP_VERSION_1 "name_CERTIFICATE""name_KEY_ALGORITHM""name_DATA_ALGORITHM"
add accessremote USER "name_USER""name_ADDRESS" SKIP_VERSION_2 "name_CERTIFICATE""name_KEY_ALGORITHM" "name_DATA_ALGORITHM" "name_MAC_ALGORITHM""name_COMPRESSION_ALGORITHM"
add accessremote USER "name_USER""name_ADDRESS"IPSEC IKE( "name_ENCRYPTION_ALGORITHM", "name_AUTHENTICATION_ALGORITHM", OAKLEY_GROUP, "name_AUTHENTICATION_METHOD", "name_CERTIFICATE" )
For the IKE form, one of the following three data security parameter options (phase 2 transforms) must be specified. It may be issued after the IPSEC keyword:
AH( "name_AUTHENTICATION_ALGORITHM" )
AH( "name_AUTHENTICATION_ALGORITHM" ) ESP( "name_ENCRYPTION_ALGORITHM" )
ESP( "name_ENCRYPTION_ALGORITHM",name_AUTHENTICATION_ALGORITHM" )
The following field is optional for accessremote entries. It can be specified in any order after the accessremote keyword:
TUNNEL "name_ADDRESS" { if the remote machine is using tunneling }
The following fields are optional and can be specified in any order after the accesslocal/accessremote keyword:
PERMISSION ALL
PERMISSION WRITE
PERMISSION READ
PERMISSION STATUS
PERMISSION NONE { default if no PERMISSION is specified }
SCREEN "name_SCREEN"
COMMENT "comment string"