18th February 2014
igy01
IPsec and fixed keys

I want to set up IPsec & manual keying (not using isakmpd at all).

So, I set up something like this:

host01 /etc>cat ipsec.conf
#
# Set up a tunnel using static keying:
#

flow esp from 192.168.1.0/24 to 192.168.2.0/24 peer 10.10.10.2

esp from 10.10.10.1 to 10.10.10.2 spi 0xabd9da39:0xc9dbb83d \
authkey 0x54....somethnig_hex...:0x.....something_hex... \
enckey 0x...some_hex....:0x...some_hex......

And it works fine.

Now I want to put the keys into separate files, and my question is: how do I create the files for authkey and enckey?

It is NOT working for me when I set up something like:

cat /etc/authkey.txt
0xaaaa........:0xbbbbbb...... (all is one line, keys separated by : )

or:

0xaaaa....... (two lines)
0xbbbb......

or:

aaaa....
bbbb...


What is the right syntax for these two files? I can't find any example :-(


Of course, ipsec.conf is now:

flow esp from 192.168.1.0/24 to 192.168.2.0/24 peer 10.10.10.2

esp from 10.10.10.1 to 10.10.10.2 spi 0xabd9da39:0xc9dbb83d \
authkey file "/etc/authkey.txt" enckey file "/etc/enckey.txt"