#  freeswan-team-conns  --  IPSEC/IKE config for the project VPN
#	by  ||ugh Daniel <hugh@toad.com> 2000/01/24
#	and D. Hugh Redelmeier <hugh@mimosa.com>
#
# Conventions:
#
# - information is supplied as if for the right side
#	+ the local side will be the left
#	+ mnemonic: L for Local and Left, R for Remote and Right
#
# - each system is describe with one conn for the host and
#   one for each subnet.  The subnets use also= to refer to host.
#
# - naming convention:
#	+ owner gets to choose pithy referent for site
#	+ suffix -host for host
#	+ suffix -net for subnet (if unique)
#
# - extra information can be included as x- attributes or comments
#	+ x-right-pinger
#
# - dotted-quad IP addresses are preferred to domain names
# 	+ this allows VPN to function without/before/distrusting DNS
#	+ need not apply to extensions unused by FreeS/WAN
#	+ If name is known, capture in an extension with a systematic
#	  name: prefix x-, suffix -name (eg. x-right-name=)
#
# - keys are expressed in base 64 (0s...)
#
#
# usage:
#	include ipsec.vpns/freeswan.project
#	conn me_remote
#		also=me
#		also=remote
#		...


#### Hugh Daniel's Edome ####

conn hd-subnet
	also=hd-host
	rightsubnet=216.240.42.0/255.255.255.0
	x-rightsubnet-name=edome-net.toad.com/edome-mask.toad.com

conn hd-host
	right=216.240.36.86
	x-right-name=public.syzygy.com
	rightnexthop=216.240.36.85
	rightrsasigkey=0sAQNdh1rNMNE54BA11AGamgn1QL9KzUbJhX8bdhpUTjYV9ZQyFVWqg4C4vhLQOjMPCDCaYwc0jk6PPHmZMIib+BWwGC7LDNSqt7m1m0nsGNUFEy4ogphkeZt47G2fMjwBWsZtXqizQFXZqaAY05D3qEw1/NTGuMObsfrpAvfgf3htks7MC2/eq6jhQpfR1RgMT0QIGkG5FWgfEDHknZBZrIBZKqfC89fSAjfZjAZyuBHACMvfB0E1snUkrs2V+Lobmdj1CrxWJNEe9RGJ6KjYGUYI8AigLqS3v7aml/SFRRZvLQ7Odal0XSXU69v/J1ZUR1F44j0AN/c4Wl1D3smGo4hxAw8WwWusgWbYwscz
	x-rightnexthop-name=nexthop.syzygy.com
	x-passnet=216.240.43.0/24
	x-ping_target=east.toad.com	# 216.240.42.145
	x-chargen_target=east.toad.com	# 216.240.42.145
	x-lfs_version=1.00		# upgrade planned...
	x-contact="Hugh Daniel <hugh@toad.com> (+1 408 353 8124)"

#### Projects machines

conn abigail-net
	rightsubnet=192.139.46.46/32
	also=abigail-host

conn abigail-host
	right=192.139.46.76
	x-right-name=private.abigail.freeswan.org
	rightid=@private.abigail.freeswan.org
	rightnexthop=192.139.46.77
	rightrsasigkey=0sAQN1+2l0FQZjgwcpDzaEMuPfnyY/YJ8eTKsyOrS9YxcEyHJ6naH10oq/UZ0YtrefvVXaGFIh5mzc6VwKuOCtd6qbh59GLk+861pA9tc0ut4VkivqrCVSO3DDDBTJAcYA4DWH+6ZJM+7enII0/Brj+SITMDr+MvDBRZ6HlujVMwRo/kGXgkayUHZsYmqwsIkJg96JpzlDA7HK+2Qc+97Rk5kC5MV8Ug5CJOl5k3xp4QGy7z4aVD3DkKCz/XXbc5dCdFy2As+cXCww+e/frO+5eumXpbOaDJaEl5gJGaOb/vwUbhPA/kMwPFo3lMp5SG3kcDoPzjeq06pUUJpfJmz5VpfD


conn adams-host
	#
	#
	right=adams.freeswan.org
	rightid=@adams.freeswan.org
	rightnexthop=194.109.218.209
	#
	rightrsasigkey=0x010384cd68b08f0d92d83de06afdc0581924dd5c358f114072a3d73788fe21ccd80e64737c917824d8c6b76ff6cd64f1a90c372dc27341fb0c689cef9ee92a457cd887c406f002eb960b30957d92a1aba6efd362c6a6390b803c371db2ee0d14ccaee29ff7e9d834b2d9b0416cba93e5b9020623d077cbef92c0677f6f6865e0b1b108574b859e36b21ece23510b3bd0fb864f4e7d4170f76f7a7a791cfb68c74b1b2a5e55542f1ac457fb94c52c79bdbd60e6c433405138ea595b3a5cb807a073344ca3a66512b0b4e202f55656327c96a61b299c406022b2ad91e83b367f0b757223d1967ead7475c6b8a2fcbe8c887475316913f6b36cee405ed19dc7da8d49a5


#### John Gilmore's Toad Hall ####

conn jg-subnet
	also=jg-host
	rightsubnet=140.174.2.1/32		# one host, toad.com
	x-rightsubnet-name=toad.com/32

conn jg-host
	right=140.174.2.9
	x-right-name=north.toad.com
	rightnexthop=140.174.2.23
	x-rightnexthop-name=gw.toad.com
	x-lfs_version=1.0		# stays 1.0 for at least a few days
	x-contact="Hugh Daniel <hugh@toad.com> (+1 408 353 8124)"
	x-contact="John Gilmore <gnu@toad.com> (+1 415 221 6524)"


#### Richard Guy Briggs' Co-op ####

conn rgb-net1
	also=rgb-host
	rightsubnet=192.168.1.0/24	# not public or routeable!
	x-ping-target=192.168.1.2
	x-ping-target-name=grendel.conscoop.ottawa.on.ca

conn rgb-net2
	also=rgb-host
	rightsubnet=192.168.2.0/24	# not public or routeable!
	x-rightsubnet-name=sub2-net.conscoop.ottawa.on.ca/sub2-mask.conscoop.ottawa.on.ca	# not public or routeable!
	x-ping-target=192.168.2.110	# not public or routeable!
	x-ping-target-name=gonzales.conscoop.ottawa.on.ca	# not public or routeable!
	x-chargen-target=192.168.2.110	# not public or routeable!
	x-chargen-target-name=gonzales.conscoop.ottawa.on.ca	# not public or routeable!

conn rgb-netE
	also=rgb-host
	rightsubnet=216.240.43.64/26
	x-rightsubnet-name=sub2-e-net.conscoop.ottawa.on.ca/sub2-e-mask.conscoop.ottawa.on.ca
	x-ping-target=216.240.43.66
	x-ping-target-name=gonzales-e.conscoop.ottawa.on.ca
	x-chargen-target=216.240.43.66
	x-chargen-target-name=gonzales-e.conscoop.ottawa.on.ca

conn rgb-host
	right=207.236.55.216
	x-right-name=arrakeen.conscoop.ottawa.on.ca
	rightnexthop=207.236.55.1
	x-rightnexthop-name=nexthop.conscoop.ottawa.on.ca
	x-lfs_version="Linux FreeS/WAN U/K2001-07-07_18:46:07"
	rightid=@arrakeen.conscoop.ottawa.on.ca
	rightrsasigkey=0sAQPSJV1G4prIluo5SPIKt2ADpY0Hhxa0sz7aIsxCOweQHAqrxwDz35SWLOMDA37d6bWOddJKUWOyIFOvQqbzaJEzgbBR3+9S+UeLCN20f/8VLOsy2AHp1jlZxwciB8PHeOKUY4QaGDSAMOUwS4Fa/zcEeN17co1d9nsUjBg8W9cGk6hAdWIflsxa5kMjZZHPE6men5sDcNzJFn4jXsyi1eFLPgjdJ1lcva+UanI4SV+NCiY67geNxbL7M4jO2pN3D38Ibl7eUTZf439nebzlW0vyTCWKLLWsrbrMFnRSb/vsW6ctqXylCiO+iIgzkVVWt9BBMXgrXi4BXOkPWhOUBpdV
	x-rightinkey="IN KEY 0x4200 4 1 AQPSJV1G4prIluo5SPIKt2ADpY0Hhxa0sz7aIsxCOweQHAqrxwDz35SWLOMDA37d6bWOddJKUWOyIFOvQqbzaJEzgbBR3+9S+UeLCN20f/8VLOsy2AHp1jlZxwciB8PHeOKUY4QaGDSAMOUwS4Fa/zcEeN17co1d9nsUjBg8W9cGk6hAdWIflsxa5kMjZZHPE6men5sDcNzJFn4jXsyi1eFLPgjdJ1lcva+UanI4SV+NCiY67geNxbL7M4jO2pN3D38Ibl7eUTZf439nebzlW0vyTCWKLLWsrbrMFnRSb/vsW6ctqXylCiO+iIgzkVVWt9BBMXgrXi4BXOkPWhOUBpdV"
	x-contact="Richard Guy Briggs <rgb@conscoop.ottawa.on.ca> (+1 613 237 1549)"

# notebook aaitlol: Alone Again In The Lap Of Luxury
conn aaitlol-net
	also=aaitlol-host
	leftsubnet=172.31.252.0/24
	x-leftsubnet=mobile-net.conscoop.ottawa.on.ca/mobile-mask.conscoop.ottawa.on.ca

conn aaitlol-nete
	also=aaitlol-host
	leftsubnet=216.240.43.120/29
	x-leftsubnet=mobile-e-net.conscoop.ottawa.on.ca/mobile-e-mask.conscoop.ottawa.on.ca

conn aaitlol-host
	right=%any
	rightid=@aaitlol.conscoop.ottawa.on.ca
	authby=rsasig
	rightrsasigkey=0x010376578530b0491e8106332cc3b82361d5e4c12bfb947e74c523ed38533398d8047945315b06a4a75c3f4ab4cd279902448868bb31541ae81bcd52050723f40b20f58ac89a1ad27a0d453543d2270364db74897f19cade857a96ad41749f826943fc791026262a7f8cd8feda6dac0500ba0eb9ae905d033d59907e744c224375b6411172127a9a9a4a2b796b85319bf73602c833906d4830ed051b0a927f8f86844eb55728360354ba2ed37b3c3c6dbb4e532fe4309a861871ebd38926d01f16e8c52d16503273ddbd2d7a88ca039c650712b712866b9cd317b9e50b32d22453b4aa8534b8d9560fe7580ff0e71db525f872968ff7e088f531b18f4a257826e723


#### Hugh Redelmeier's system, mimosa.com ####
# hugh@mimosa.com  +1 416 482 8253
# Updated 2001 October 23

# for now, production subnet goes through Cable
conn mimosa-subnet
	also=mimosa-gw-c
	rightsubnet=192.139.70.64/26
	x-ping_target=192.139.70.112	# private name: redouble.mimosa.com

# test subnet goes through DSL
conn mimosa-testnet
	also=mimosa-gw-d
	rightsubnet=192.139.70.0/26

# cable gateway (through Rogers@Home)
# Note: this IP address may change without notice :-(
conn mimosa-gw-c
	right=24.112.39.102
	x-right-name=CPE00606767ED59.cpe.net.cable.rogers.com	# gw-c.mimosa.com
	rightnexthop=24.112.192.1
	rightrsasigkey=0sAQMM6XdcRc4C0OxA69h8EIXkFqkKpR4me46yi7tbJSOQhG7h5mFBbOZM//lkH9bcokRLfkuOcyvNEkQA0QADUeJ+Znv2TGv/dDrw8lU9WDXdpUxpzMEs+7BVzkYqPJ25mxqdVt39uRzwbKkjVV+LIW/P1UBmDZS2JPoymL6va63s1Q==
	rightid=@gw-c.mimosa.com

# DSL (ADSL) gateway (through The Higher Technology, tht.net)
conn mimosa-gw-d
	right=216.126.78.97
	x-right-name=gw-d.mimosa.com
	rightnexthop=216.126.76.1
	rightrsasigkey=0sAQNkTV6X8oGokz+jUY6pQokclMSj4SY6OPrGlMYERWzrmFADS2GWs82DeEeVIahVxCwi3klwEk7UvnrqImDrQiPQZVOe/ZYY4CmozTQaLMMuI5mhIomyeRQcgSNn69XFs0G9uURoTMO9vGS2X3pr4bzI6UNYnjXdAKfk83LzA5Xs8ZdRZ7iNPIaEtjJn+XHiEaBirpwjOQ9rhj2AxEIF6/ddnJquCvZ+8Jqqdi47ttLGQgyDNJJT3sqTugGRm5kJ0eutqKQdaGiiha4G15Bcdrsi9Avis1zY0jvHtQCO/Z/NdOKRu6HAd+EB61CqFniDANs2FaYP6P3tLwyvLc/vAwxn
	rightid=@gw-d.mimosa.com


#### Gary Barhard, ISP ####
#	x-contact="Hugh Daniel <hugh@toad.com> (+1 408 353 8124)"
#	x-contact="Gary Barnhard <barnhard@barnhard.net> (+1 301 229 8012)"


#### Sandy Harris ####
# sandy@storm.ca  613 232 5628
# updated 2001 June 20

conn sandy-subnet
	also=sandy-host
	rightsubnet=192.168.100.128/25
	x-ping_target=192.168.100.129	# Linux server
	x-bad_target=192.168.100.32	# desktop, not in subnet

conn sandy-host
	# right security gateway, PPPoE with dynamic address
	# firewall/gateway is dual PPro 200, 64 megs
	# running 2.2.19 SMP, FreeS/WAN 1.91, rp-pppoe 3.1.1
	right=%any
	# arbitrary ID
	rightid=@sandy.freeswan.org
	rightrsasigkey=0x0103e50bc61ac1ac3ccbf3410b83c9a30457d95b714b5a4dd1e6480dfdf4ee9c3acd1cb30da10819ff39f2aab754622d4189bf870aca8c2cac645430c9b04e500564039035d9a0d8599f1bae5e3b671cc344e6479f05dd61750ceb614ed2ad738b94c9b122e61af3051194d88257a134d4d96e661ed55d3659e1c5ee7469d7ab53cb97faa018bf84b85f1e30e9f64c372050f03b181825d5f0145db06c064f4dc76bd26b8993b33e187e1c746e653d5253828d82e801d4870ef1a110fd90220b09d77284fc0633d250e410cf67383a2772e236279d25c6f9c9e8d9f6f2fef26aeb86ac53597135670ed43df6daa93bc0e34173c81df94b46452a344f7aaeeb44a5a3
	x-contact="Sandy Harris <sandy@storm.ca> (+1 613 232 5628)"


#### Henry Spencer's network ####
# henry@spsystems.net  +1 416 690 6561

conn henry-smallnet
	rightsubnet=209.47.149.227/32
	x-ping-target=209.47.149.227
	x-ping-target-name=spsystems.net
	also=henry-host

# not usable directly at this time -- connections only to subnets
conn henry-host
	right=209.47.149.225
	x-right-name=gateway.spsystems.net
	rightid=@gateway.spsystems.net
	# 2048 bits, Sun Feb  6 19:52:44 2000
	rightrsasigkey=0sAQO/AAYpLjO2CiA32oo4aBf0g+GKP6gvBK4hXNDqqcKd+8F6ym8DKvfQXav1AuR/ZCoMubGR/5yI4GhXvz2iBfi9T+bf1ik7uqaLaUp0SSTZc9XFLJpsBQ0KKpbwDW5/lsaCrDW7IHCEFxL3YjFI/y6yVeoAMXTyWqjMNQ0uYjxkpU4fHnIxGKe7kHIlrR8Ea4HyVo7fi3yyyFGGJRNLCa79eukZGnpV8bvMY7QIBdTGZOhTHckB1xYY0bgffO71mhwjmSPJy4T5PiHx0IHDyEAs464hwFTTWjB8aha8bnaWDHwO32GMavwxy0BkrZkUQubcDSLCSYG6NEAopOFftEbT


#### Claudia Schmeing's system ####
# claudia@freeswan.org  +1 416 240 9474 (house) or +1 416 839 9284 (Sam's Cell)

conn claudia-host
	right=24.157.90.137
	rightid=@CPE0080C6E946A1.cpe.net.cable.rogers.com
	x-right-name=CPE0080C6E946A1.cpe.net.cable.rogers.com
	rightrsasigkey=0sAQPV+EDfEETCBC8GATv/pdRUy86lUeWFKY4ER5Iu+Ndfjwu7uKgVmdvS6jaXe2Go1dCSiyIIjM1yYNyrmympBlLCn7ngs3YjFkNwUwYU6gpYw1u3CfzUrs7mipAxJqlGh/AOxwJxWPStVyCK4gP7ncoWV4TjMUKu2ow9z8UZyeC7z91wm4eGeNO6m0U6cM7lUpiUZNjygX9q4iyKelNF+UCnf65Kz2W/ZHZ8cEZHYVur7YHIUfWWe9njU1gAZCGS8RTzvnX07KHw9ldgGc28Wo7OBK8M1CJE0vnx+X4JjeYLLYIDBkamS9c0YS0XAg+JcTXpMw8h/rnbHQAC04hoV3v/


#### freeswan.org ####
# Who is Sysadmin?  HD?  Kasper?

# liberty.freeswan.org is known as freeswan.org; web server
conn liberty-host
	right=195.24.22.215
	rightid=@freeswan.org
	x-right-name=libery.freeswan.org
	rightrsasigkey=0sAQOwMTRZ5Z7B2hsH44FaCZIL0VCa/ofNAvn0YX0a+ynPiA9thFdiMiDRHTm1OGRQ7clAkEyqGoMZahq7Eo4Z+KJO+wZHO17wAUviFqxGcnzl9iW7l4XgWTxua3GX89/uv+FmOSvWcOHUb2tXx/TV9ftkQLTvg9szWlJUZhjZ+IEAieL2N2V8U/aQU96vhOxsRhA2DhOZg4Sy207yQG546XzLxYylOn0OplyXId4NXioA6k3v4F5YhvX6pm2BrYHEwYoysXv7dsflKXy35K26hphMaHVdrY1+BOhvOGfEDXrDTbLoy4f6wOIqMEPlsVsUMQZPQ8lS3wyvC+qseyvL8K3h

# minuteman.freeswan.org will be public test machine
conn minuteman-host
	right=195.24.22.217
	rightid=@minuteman.freeswan.org
	x-right-name=minuteman.freeswan.org
	rightrsasigkey=0sAQNM46C3ZHAGvfx6pSED46DeH/JKc+Hge59laAlJ7a2qkbmHDvI6Feq50veQAFNM1RKnkrFasBjSAXl5HaImWo+bJIJXB+td9oeiVjWEGH3ObZ2WTT0ZktAzluO/eEyC25DN9Rf26xQ55M8EkNVCMAIbrshC9ki2Zs015jFMMB38buZ00RDnt34cqxMzg2gyasnpADYgTjehBAHvpEEZL7sc2aVzmSAdqkiCp90huXoftd6+yk/5FZ041ianYHsnwEsvfwaGX+9K+Ba56+Y9bmhPQLN2oSLIRTZ8tigVw2WbT+5EkvFibq/EoXOtb5HqVa9+KvlenoshwF8Royoqf/6R


#### Michael Richardson's Sandelman Software Works ####
# mcr@sandelman.ottawa.on.ca
# 2001 Oct 28 22:16:25 -0500
#
# tolkien characters, all

# Elros/Pippin test gateway
conn elros-net
	rightsubnet=192.139.46.56/29
	x-right-pinger=192.139.46.59
	x-right-pinger-name=ping1.pri.sandelman.ottawa.on.ca
	also=elros-host

# Elros
conn elros-host
	right=192.139.46.5
	x-right-name=gate1.pub.sandelman.ottawa.on.ca
	rightrsasigkey=0sAQPVDrkcCvOI3xw7bo735f+E8dnMRvFzMQZ3Rp5FmFpsdwn1vd2WMBjvFFlb5HK/nesWURIXSGnTy2Os4VXqnsAkh61wRUMhst7DoooJMgC6drIZiAGyKb0MHjsazcxM3tRpYp9LOx9R1nPUOsp9Gd7ltCwLs8yckHlhWAx+QoDWkw==
	rightnexthop=192.139.46.1

# Elros/Merry test gateway
conn elrond-net
	rightsubnet=192.139.46.48/29
	x-right-pinger=192.139.46.50
	x-right-pinger-name=merry.sandelman.ottawa.on.ca
	x-right-pinger-name=oetest.sandelman.ottawa.on.ca
	also=elrond-host

# Elrond
conn elrond-host
	right=192.139.46.7
	x-right-name=elrond.sandelman.ottawa.on.ca
	rightrsasigkey=0sAQOJbJd7lVj0eJS8Y+0vv0bbphKmherbH27gL6YQhDRKyx5DSRRiu/IpudysTP22Dd3CltSNPybzrhSaoYg3CFQygc3KrT5lLkRiJEKI6c95KYbSYbjvlTWHlVmxOhpR9U0IFiVA4D3CempA9KgfFRGtBgwTkN9xoNI7zBHehZ16Hw==
	rightnexthop=192.139.46.1

# MrCharlie/Cyphermail
conn mrcharlie-net
	rightsubnet=192.139.46.72/29
	x-right-pinger=192.139.46.78
	x-right-pinger-name=cyphermail.sandelman.ottawa.on.ca
	x-right-smtp-responder=cyphermail.sandelman.ottawa.on.ca
	also=mrcharlie-host

# MrCharlie (okay, not a tolkien character)
conn mrcharlie-host
	right=192.139.46.38
	x-right-name=mrcharlie.sandelman.ottawa.on.ca
	# rightrsasigkey=0sAQOrXJxB56Q28iOO43Va36elIFFKc/QB2orIeL94BdC5X4idFQZjSpsZTh48wKVXUE9xjwUkwR4R4/+1vjNN7KFp9fcqa2OxgjsoGqCn+3OPR8La9uyvZg0OBuSTj3qkbh/2HacAUJ7vqvjQ3W8Wj6sMXtTueR8NNcdSzJh149ch3zqfiXrxxna8+8UEDQaRR9KOPiSvXb2KjnuDan6hDKOT4qTZRRRCMWwnNQ9zPIMNbLBp0rNcZ+ZGFg2ckWtWh5yhv1iXYLV2vmd9DB6d4Dv8cW7scc3rPmDXpYR6APqPBRHlcbenfHCt+oCkEWse8OQhMM56KODIVQq3fejrfi1H
	rightrsasigkey=%dns
	rightnexthop=192.139.46.33
	x-right-oecapable=true

# marajade (Palpatine's hand, later turned to the light by Luke. Eventually
#		marries him.)
# MCR's notebook.
# Runs NetBSD, KAME+Racoon. Key extracted with fswcert.
#
conn    marajade-host
        right=%any
        rightid=@marajade.sandelman.ottawa.on.ca
        rightrsasigkey=0x030100019ECF78958330EEBD1A33DB5D668DD149C79CD8F79403444C802D96E25BA4B7D5795A51B9BB184EBBB8918C542BDF7D19AFF6DFF030EE666B23EC10DEE845DFA4EEC70EFA96CDC5B2026E5B1A9DCCBC6567133CAFF95734651FB4B3E47F16D3C1782C7CA72A84909FADA3CB147D10842455379E845B763DD5808830CC910076D1
	x-rsasigkey=0sAwEAAZ7PeJWDMO69GjPbXWaN0UnHnNj3lANETIAtluJbpLfVeVpRubsYTru4kYxUK999Ga/23/Aw7mZrI+wQ3uhF36Tuxw76ls3FsgJuWxqdzLxlZxM8r/lXNGUftLPkfxbTwXgsfKcqhJCfraPLFH0QhCRVN56EW3Y91YCIMMyRAHbR

# cassidy.
# MCR's Linux compute server. Also host for gnomemeeting.
conn    cassidy-host
        right=192.139.46.28
        rightid=@cassidy.sandelman.ottawa.on.ca
        rightrsasigkey=%dns


