ADC Home > Reference Library > Reference > Mac OS X > Mac OS X Man Pages

 

This document is a Mac OS X manual page. Manual pages are a command-line technology for providing documentation. You can view these manual pages locally using the man(1) command. These manual pages come from many different sources, and thus, have a variety of writing styles.

This manual page is associated with Mac OS X Server. It is not available on standard Mac OS X (client) installations.

For more information about the manual page format, see the manual page for manpages(5).


s2svpnadmin(8)            BSD System Manager's Manual           s2svpnadmin(8)

NAME
     s2svpnadmin -- command line tool to configure and display currently configured site-to-site VPN servers

SYNOPSIS
     s2svpnadmin

DESCRIPTION
     The s2svpnadmin command line tool is an interactive tool used to list currently configured site-to-site
     VPN servers, display their configuration details, add a new configuration and delete an existing con-figuration. configuration.
     figuration. This tool can only be utilized to configure a local VPN server, not a remote one. To set up
     a site-to-site server successfully, you shall need to configure the two VPN gateway servers at the two
     sites independently. However, certain parameters must be kept common for a successful configuration.

     The s2svpnadmin tool identifies each site-to-site server with an identifying string. This string should
     not have any spaces in it. When configuring a new server, s2svpnadmin prompts the user to enter the
     name of such a string. Other than the name, various other details are required such as the gateway
     addresses of the local and remote sites and a form of IPSec authentication to use. All IPv4 addresses
     are validated. If an invalid entry is made, s2svpnadmin will force you to start all over again.

     Two forms of authentication are supported: shared-secret and certificate based.  Before choosing cer-tificate certificate
     tificate based authentication, ensure that at least one certificate is currently installed on the
     server.  s2svpnadmin will display a list of currently installed certificates and prompt the user to
     choose one of these. Certificates can be created, self-signed and installed using the Server Admin
     tool.If shared secret is  desired, ensure that the same shared secret is configured on the VPN server
     at the other site.

     s2svpnadmin will also prompt for the creation of one or more policies. Policies are made of a local
     network and a remote network. A network is specified by a network address and the number of prefix bits
     that must be masked in an IPv4 address to determine the network address it corresponds to. Ensure that
     a compatible policy is configured on both VPN servers.

     Lastly s2svpnadmin will ask if the server needs to be enabled. By default it is enabled. Currently
     s2svpnadmin does not support editing a configuration, so if the server is not enabled, the configura-tion configuration
     tion will need to be deleted and recreated and enabled at a later time.

     s2svpnadmin must be run as root.

DIAGNOSTICS
     The s2svpnadmin utility exits 0 on success, and >0 if an error occurs.

SEE ALSO
     pppd(8), vpnd(8)

Mac OS X Server               September 10, 2004               Mac OS X Server

Did this document help you?
Yes: Tell us what works for you.
It’s good, but: Report typos, inaccuracies, and so forth.
It wasn’t helpful: Tell us what would have helped.