Securing the Network in Oracle® Solaris 11.2

Exit Print View

Updated: August 2014

IKEv1 Configuration Choices

The /etc/inet/ike/config configuration file contains the configuration for the in.iked daemon. The configuration consists of a number of rules. Each entry contains parameters such as algorithms and authentication data that this system can use with a similarly configured IKEv1 peer. The in.iked daemon supports preshared keys and public key certificates for identity.

The entry auth_method preshared indicates that preshared keys are used. Values for auth_method other than preshared indicate that public key certificates are to be used.

In IKEv1, preshared keys are tied to a particular IP address or range of addresses. The keys are placed in the /etc/inet/secret/ike.preshared file on each system.

For more information, see How IKE Works and the ike.config (4) and ike.preshared (4) man pages.