#.....
AAASettings (
RadiusServer = 10.0.8.187 # no default!
Secret = <secret_name_in_keydb> # no default!
NonInteractiveUserPassword = <passwd_name_in_keydb> # password for non-interactive xauth
SendAccounting = TRUE
ResponseTimeout = 3 # in seconds
Retries = 4
)
#.....
IKERule name (
#.....
IKECFGPool = pool_1 # use local IKECFG server.
XAuthServerEnabled = [FALSE] | TRUE # demand IKE XAuth authentication type
AAAUserName = { [<NONE>] | # no XAuth: common; XAuth: send SET(OK)
INTERACTIVE | # no XAuth: <not allowed>; XAuth: request user/password
# Below: use NonInteractivePassword to access RADIUS-server; XAuth: just send SET(OK|FAIL)
IKE_ID | # use printable IKE Identity as user
CERT_SUBJ_CN | # use generic CN field from partner's certificate
CERT_SUBJ_OU | # use generic OU field from partner's certificate
CERT_ALTSUBJ_EMAIL | # use generic EMail field from partner's certificate
CERT_ALTSUBJ_DNS } # use generic DNS field from partner's certificate
)