diff options
Diffstat (limited to 'src/starter')
| -rw-r--r-- | src/starter/ipsec.conf.5 | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/starter/ipsec.conf.5 b/src/starter/ipsec.conf.5 index 795dc9b7c..8157e2680 100644 --- a/src/starter/ipsec.conf.5 +++ b/src/starter/ipsec.conf.5 @@ -706,6 +706,12 @@ PFS is enforced by defining a Diffie-Hellman modp group in the .B esp parameter. .TP +.B pfsgroup +defines a Diffie-Hellman group for perfect forward secrecy in IKEv1 Quick Mode +differing from the DH group used for IKEv1 Main Mode (IKEv1 only). + + +.TP .B reauth whether rekeying of an IKE_SA should also reauthenticate the peer. In IKEv1, reauthentication is always done. In IKEv2, a value of |