[bcm963xx.git] / userapps / broadcom / cfm / html / ipsconfig.html
1 <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2 <html>
3
4 <head>
5   <link rel="stylesheet" href="stylemain.css" type="text/css">
6   <link rel="stylesheet" href="colors.css" type="text/css">
7   <meta http-equiv="Pragma" content="no-cache">
8   <title> IPSec Settings</title>
9
10    <script language="javascript" src="util.js"></script>
11    <script language="javascript">
12    
13 <!-- hide
14
// Stored IPSec tunnel settings for the entry being edited. Each
// <%ejGetJS(name)%> marker is a template placeholder; presumably the device's
// web server replaces it with the stored value before the page is sent, so
// every value ends up inside a single-quoted JavaScript string literal.
// NOTE(review): that is only safe if ejGetJS escapes quotes, backslashes and
// line breaks in the stored value; otherwise a stored connection name or key
// containing "'" would end the literal and the rest would be parsed as script.
// Confirm in the server-side implementation, which is not part of this page.
// NOTE(review): ipsPSK, ipsManualEncryptionKey and ipsManualAuthKey place the
// tunnel's secret key material in the page source in cleartext, readable by
// anyone who can load this page or a cached copy of it.
// The four *RangeLo / *RangeHi values are declared here but are not used by
// any function visible on this page.
var ipsTableIndex = '<%ejGetJS(ipsTableIndex)%>';
var ipsConnName = '<%ejGetJS(ipsConnName)%>';
var ipsRemoteGWAddr = '<%ejGetJS(ipsRemoteGWAddr)%>';
var ipsLocalIPMode = '<%ejGetJS(ipsLocalIPMode)%>';
var ipsLocalIP = '<%ejGetJS(ipsLocalIP)%>';
var ipsLocalMask = '<%ejGetJS(ipsLocalMask)%>'; 
var ipsLocalRangeLo = '<%ejGetJS(ipsLocalRangeLo)%>';
var ipsLocalRangeHi = '<%ejGetJS(ipsLocalRangeHi)%>'; 
var ipsRemoteIPMode = '<%ejGetJS(ipsRemoteIPMode)%>';
var ipsRemoteIP = '<%ejGetJS(ipsRemoteIP)%>'; 
var ipsRemoteMask = '<%ejGetJS(ipsRemoteMask)%>';
var ipsRemoteRangeLo = '<%ejGetJS(ipsRemoteRangeLo)%>'; 
var ipsRemoteRangeHi = '<%ejGetJS(ipsRemoteRangeHi)%>';
var ipsKeyExM = '<%ejGetJS(ipsKeyExM)%>';
var ipsAuthM = '<%ejGetJS(ipsAuthM)%>';
var ipsPSK = '<%ejGetJS(ipsPSK)%>';
var ipsCertificateName = '<%ejGetJS(ipsCertificateName)%>';
var ipsPerfectFSEn = '<%ejGetJS(ipsPerfectFSEn)%>';
var ipsManualEncryptionAlgo = '<%ejGetJS(ipsManualEncryptionAlgo)%>';
var ipsManualEncryptionKey = '<%ejGetJS(ipsManualEncryptionKey)%>';
var ipsManualAuthAlgo = '<%ejGetJS(ipsManualAuthAlgo)%>';
var ipsManualAuthKey = '<%ejGetJS(ipsManualAuthKey)%>';
var ipsSPI = '<%ejGetJS(ipsSPI)%>';
var ipsPh1Mode = '<%ejGetJS(ipsPh1Mode)%>';
var ipsPh1EncryptionAlgo = '<%ejGetJS(ipsPh1EncryptionAlgo)%>';
var ipsPh1IntegrityAlgo = '<%ejGetJS(ipsPh1IntegrityAlgo)%>';
var ipsPh1DHGroup = '<%ejGetJS(ipsPh1DHGroup)%>';
var ipsPh1KeyTime = '<%ejGetJS(ipsPh1KeyTime)%>';
var ipsPh2EncryptionAlgo = '<%ejGetJS(ipsPh2EncryptionAlgo)%>';
var ipsPh2IntegrityAlgo = '<%ejGetJS(ipsPh2IntegrityAlgo)%>';
var ipsPh2DHGroup = '<%ejGetJS(ipsPh2DHGroup)%>';
var ipsPh2KeyTime = '<%ejGetJS(ipsPh2KeyTime)%>';


// Visibility state of the "adv" section (the advanced IKE settings);
// starts at 0, i.e. hidden, and is updated by showhideAdv().
var showAdv = 0;
50
51
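/**
 * Select the first option of a <select> control whose value matches `value`.
 * The current selection is left unchanged when no option matches.
 *
 * @param {Object} item  select element (anything with `options` and `selectedIndex`)
 * @param {*}      value option value to look for
 */
function setSelect(item, value)
{
    // The loop index is declared locally. The original assigned to an
    // undeclared `i`, which created a page-wide global that any other script
    // using `i` could clobber (and which is an error in strict mode).
    var i;
    for (i = 0; i < item.options.length; i++) {
        // Loose comparison is kept on purpose so that a numeric `value`
        // still matches the (always string) option value.
        if (item.options[i].value == value) {
            item.selectedIndex = i;
            break;
        }
    }
}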
61
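/**
 * Build one "&name=value" query-string fragment from a text control.
 *
 * The value is percent-encoded. Without encoding, a value containing
 * '&', '=', '#', '+', a space or a quote (all legal in a pre-shared key or a
 * connection name) would be truncated or would add extra parameters to the
 * request that applyClick() sends.
 * NOTE(review): assumes the ipsec.cmd handler percent-decodes its query
 * parameters, as CGI-style handlers normally do - confirm on the device.
 *
 * @param {Object} item control whose `value` is submitted
 * @param {string} name parameter name; callers on this page pass fixed literals
 * @returns {string} the fragment, starting with '&'
 */
function submitText(item, name)
{
    return '&' + name + '=' + encodeURIComponent(item.value);
}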
66
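/**
 * Return the value of the currently selected option of a <select> control.
 *
 * @param {Object} item select element (anything with `options` and `selectedIndex`)
 * @returns {string} the selected option's value, or '' when the list is empty
 *                   or nothing is selected
 */
function getSelect(item)
{
    var idx = item.selectedIndex;

    // selectedIndex is -1 when no option is selected (for example after the
    // value was set to something that matches no option). The original
    // indexed options[-1] in that case and threw instead of returning ''.
    if (!(idx >= 0 && idx < item.options.length)) {
        return '';
    }
    return item.options[idx].value;
}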
78
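/**
 * Build one "&name=value" query-string fragment from a <select> control.
 *
 * The value is percent-encoded. Most selects on this page have fixed option
 * values, but certificateName is filled from a server-supplied list, so its
 * values may contain characters that would otherwise break the query string.
 * NOTE(review): assumes the ipsec.cmd handler percent-decodes its query
 * parameters - confirm on the device.
 *
 * @param {Object} item select element
 * @param {string} name parameter name; callers on this page pass fixed literals
 * @returns {string} the fragment, starting with '&'
 */
function submitSelect(item, name)
{
    return '&' + name + '=' + encodeURIComponent(getSelect(item));
}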
83
// Runs the statements that the <%ejGetStr(ipsCertList)%> template marker
// expands to, with the page's first form as the lookup scope (`with`).
// Presumably the expansion adds one option per installed certificate to the
// certificateName select - the generated text is not visible on this page.
// NOTE(review): whatever the marker expands to is executed as script here, so
// the server-side generator has to escape certificate names before emitting
// them; confirm that in the code that produces ipsCertList.
function loadCertList()
{
   with ( document.forms[0] ) {
<%ejGetStr(ipsCertList)%>
   }
}
90
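/**
 * Show or hide the local address rows to match the localIPMode select:
 * "subnet" shows both the address row (IP11) and the mask row (IP12),
 * "single" shows only the address row. Any other mode changes nothing.
 *
 * The form is referenced explicitly instead of through `with`, which is
 * rejected in strict mode and lets any form control or form property with a
 * matching name silently shadow the identifiers used in the body.
 */
function localIPModeChange() {
   var form = document.forms[0];
   var mode = form.localIPMode[form.localIPMode.selectedIndex].value;

   switch ( mode ) {
   case "subnet":
      showhide("IP11", 1);
      showhide("IP12", 1);
      break;
   case "single":
      showhide("IP11", 1);
      showhide("IP12", 0);
      break;
   default:
      // Unknown mode: leave the current visibility as it is.
      break;
   }
}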
107
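/**
 * Show or hide the remote address rows to match the remoteIPMode select:
 * "subnet" shows both the address row (IP21) and the mask row (IP22),
 * "single" shows only the address row. Any other mode changes nothing.
 *
 * The form is referenced explicitly instead of through `with`, which is
 * rejected in strict mode and lets any form control or form property with a
 * matching name silently shadow the identifiers used in the body.
 */
function remoteIPModeChange() {
   var form = document.forms[0];
   var mode = form.remoteIPMode[form.remoteIPMode.selectedIndex].value;

   switch ( mode ) {
   case "subnet":
      showhide("IP21", 1);
      showhide("IP22", 1);
      break;
   case "single":
      showhide("IP21", 1);
      showhide("IP22", 0);
      break;
   default:
      // Unknown mode: leave the current visibility as it is.
      break;
   }
}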
124
125
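/**
 * Update the visible sections after the key exchange method (keyExM) or the
 * authentication method (authM) changes.
 *
 * - "auto": shows the AutoKeyEx section, hides ManualKey, then shows either
 *   the PSK row or the Certificate row depending on authM.
 * - "manual": shows ManualKey, hides AutoKeyEx, PSK and Certificate, and
 *   collapses the advanced section.
 * Any other value changes nothing.
 *
 * The form is referenced explicitly instead of through `with`, which is
 * rejected in strict mode and lets any form control or form property with a
 * matching name silently shadow the identifiers used in the body.
 */
function keyauthChange() {
   var form = document.forms[0];
   var keymode = form.keyExM[form.keyExM.selectedIndex].value;
   var authmode = form.authM[form.authM.selectedIndex].value;

   switch (keymode) {
   case "auto":
      showhide("AutoKeyEx", 1);
      showhide("ManualKey", 0);
      switch (authmode) {
      case "pre_shared_key":
         showhide("PSK", 1);
         showhide("Certificate", 0);
         break;
      case "certificate":
         showhide("PSK", 0);
         showhide("Certificate", 1);
         break;
      default:
         // Unknown authentication method: leave both rows as they are.
         break;
      }
      break;
   case "manual":
      showhide("AutoKeyEx", 0);
      showhide("ManualKey", 1);
      showhide("PSK", 0);
      showhide("Certificate", 0);
      // The advanced IKE settings only apply to automatic key exchange.
      showAdv = 0;
      showhideAdv(showAdv);
      break;
   default:
      // Unknown key exchange method: leave the page as it is.
      break;
   }
}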
158
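/**
 * Toggle the advanced settings section (click handler of advSWButton).
 *
 * The original wrapped these two statements in `with (document.forms[0])`
 * although neither uses a form control; the wrapper only made `showAdv`
 * resolvable to a same-named form member, so it is dropped here.
 * Note that after the first toggle showAdv holds a boolean rather than 0/1.
 */
function switchAdv() {
   showAdv = !showAdv;
   showhideAdv(showAdv);
}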
165
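/**
 * Show or hide the "adv" section, relabel the toggle button to match, and
 * record the new state in the global showAdv.
 *
 * The form is referenced explicitly instead of through `with`, which is
 * rejected in strict mode and lets any form control or form property with a
 * matching name silently shadow the identifiers used in the body.
 *
 * @param {*} show truthy to show the section, falsy to hide it
 */
function showhideAdv(show) {
   var form = document.forms[0];

   showhide("adv", show);
   form.advSWButton.value = show ? "Hide Advanced Settings"
                                 : "Show Advanced Settings";
   showAdv = show;
}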
178
179 //////////////////////////
180
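/**
 * Page load handler: fills the certificate list, copies the stored settings
 * (the ips* globals) into the form controls, then adjusts which sections are
 * visible for the loaded modes.
 *
 * Changes from the original:
 * - the form is referenced explicitly instead of through `with`, which is
 *   rejected in strict mode and lets a form member shadow any identifier;
 * - perfectFSEn is a select, so it is set through setSelect() like every
 *   other select (assigning `.value` directly leaves nothing selected when
 *   the stored value matches no option);
 * - the statement that lacked its terminating semicolon now has one.
 *
 * NOTE(review): the stored pre-shared key and both manual keys are written
 * into ordinary text inputs (the psk input has no type attribute), so they
 * are displayed on screen whenever this page is opened.
 */
function formLoad()
{
    var form = document.forms[0];

    loadCertList();

    form.connName.value = ipsConnName;
    form.remoteGWAddr.value = ipsRemoteGWAddr;

    // Local and remote traffic selectors.
    setSelect(form.localIPMode, ipsLocalIPMode);
    form.localIP.value = ipsLocalIP;
    form.localMask.value = ipsLocalMask;
    setSelect(form.remoteIPMode, ipsRemoteIPMode);
    form.remoteIP.value = ipsRemoteIP;
    form.remoteMask.value = ipsRemoteMask;

    // Key exchange and authentication.
    setSelect(form.keyExM, ipsKeyExM);
    setSelect(form.authM, ipsAuthM);
    form.psk.value = ipsPSK;
    setSelect(form.certificateName, ipsCertificateName);
    setSelect(form.perfectFSEn, ipsPerfectFSEn);

    // Manual keying.
    setSelect(form.manualEncryptionAlgo, ipsManualEncryptionAlgo);
    form.manualEncryptionKey.value = ipsManualEncryptionKey;
    setSelect(form.manualAuthAlgo, ipsManualAuthAlgo);
    form.manualAuthKey.value = ipsManualAuthKey;
    form.spi.value = ipsSPI;

    // IKE phase 1 and phase 2 proposals.
    setSelect(form.ph1Mode, ipsPh1Mode);
    setSelect(form.ph1EncryptionAlgo, ipsPh1EncryptionAlgo);
    setSelect(form.ph1IntegrityAlgo, ipsPh1IntegrityAlgo);
    setSelect(form.ph1DHGroup, ipsPh1DHGroup);
    form.ph1KeyTime.value = ipsPh1KeyTime;
    setSelect(form.ph2EncryptionAlgo, ipsPh2EncryptionAlgo);
    setSelect(form.ph2IntegrityAlgo, ipsPh2IntegrityAlgo);
    setSelect(form.ph2DHGroup, ipsPh2DHGroup);
    form.ph2KeyTime.value = ipsPh2KeyTime;

    // Bring section visibility in line with the values just loaded.
    localIPModeChange();
    remoteIPModeChange();
    keyauthChange();
    showhideAdv(showAdv);
}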
220
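/**
 * "Save / Apply" handler: validates the form, builds the
 * ipsec.cmd?action=editsubmit request and navigates to it.
 *
 * Changes from the original:
 * - The navigation no longer goes through eval(). The original built the
 *   statement `location = "<url>"` as a string and evaluated it, so a double
 *   quote or backslash typed into any text field ended the string literal and
 *   the remainder was executed as script in the admin page.
 * - The form is referenced explicitly instead of through `with`.
 * - The key lifetime is parsed into a local variable with radix 10; the
 *   original assigned an undeclared global `val` and let parseInt guess the
 *   radix.
 * - ipsConnName was appended twice (once raw, once through submitText); the
 *   raw copy is dropped. ipsTableIndex is percent-encoded.
 *
 * NOTE(review): every check here runs in the browser only and can be skipped
 * by requesting ipsec.cmd directly, so the handler must repeat them.
 * NOTE(review): the change is sent as a GET request whose URL carries the
 * pre-shared key and both manual keys, so they end up in browser history and
 * in any log that records request URLs. No anti-CSRF token is visible on this
 * page - confirm how ipsec.cmd authenticates the request.
 * NOTE(review): remoteGWAddr, psk and spi are submitted without any check, and
 * a manual encryption key is not length-checked when the algorithm is neither
 * des-cbc nor 3des-cbc (the select also offers aes-ctr).
 */
function applyClick() {
    var form = document.forms[0];
    var loc = 'ipsec.cmd?action=editsubmit';
    var keyMode = getSelect(form.keyExM);
    var lifetime;
    var ekeys;
    var akeys;

    if ( isValidNameWSpace(form.connName.value) == false ) {
        alert('Invalid connection name "' + form.connName.value + '".');
        return;
    }

    if ( isValidIpAddress(form.localIP.value) == false ) {
        alert('Local IP Address "' + form.localIP.value + '" is invalid.');
        return;
    }
    if ( getSelect(form.localIPMode) == "subnet" && isValidSubnetMask(form.localMask.value) == false ) {
        alert('Local Subnet Mask "' + form.localMask.value + '" is invalid.');
        return;
    }
    if ( isValidIpAddress(form.remoteIP.value) == false ) {
        alert('Remote IP Address "' + form.remoteIP.value + '" is invalid.');
        return;
    }
    if ( getSelect(form.remoteIPMode) == "subnet" && isValidSubnetMask(form.remoteMask.value) == false ) {
        alert('Remote Subnet Mask "' + form.remoteMask.value + '" is invalid.');
        return;
    }

    if ( keyMode == "auto" ) {
        lifetime = parseInt(form.ph1KeyTime.value, 10);
        if ( isNaN(lifetime) || lifetime < 0 ) {
            alert('Phase 1 Key Life Time is invalid.');
            // Open the advanced section so the offending field is visible.
            showhideAdv(1);
            return;
        }
        lifetime = parseInt(form.ph2KeyTime.value, 10);
        if ( isNaN(lifetime) || lifetime < 0 ) {
            alert('Phase 2 Key Life Time is invalid.');
            showhideAdv(1);
            return;
        }
        if ( getSelect(form.authM) == "certificate" && form.certificateName.options.length == 0 ) {
            alert('No certificate avaiable for authentication. Use Certificate menu to add certificates or choose another autentication method.');
            return;
        }
    }

    if ( keyMode == "manual" ) {
        // Expected key length in hex digits; -1 means "not checked".
        if ( getSelect(form.manualEncryptionAlgo) == "des-cbc" ) {
            ekeys = 16;
        }
        else if ( getSelect(form.manualEncryptionAlgo) == "3des-cbc" ) {
            ekeys = 48;
        }
        else {
            ekeys = -1;
        }
        if ( ekeys != -1 && isValidHexKey(form.manualEncryptionKey.value, ekeys) == false ) {
            alert('Invalid Manual Encryption Key.');
            return;
        }

        if ( getSelect(form.manualAuthAlgo) == "hmac-md5" ) {
            akeys = 32;
        }
        else if ( getSelect(form.manualAuthAlgo) == "hmac-sha1" ) {
            akeys = 40;
        }
        else {
            akeys = -1;
        }
        if ( akeys != -1 && isValidHexKey(form.manualAuthKey.value, akeys) == false ) {
            alert('Invalid Manual Authentication Key.');
            return;
        }
    }

    loc += '&ipsTableIndex=' + encodeURIComponent(ipsTableIndex);
    loc += submitText(form.connName, 'ipsConnName');
    loc += submitText(form.remoteGWAddr, 'ipsRemoteGWAddr');
    loc += submitSelect(form.localIPMode, 'ipsLocalIPMode');
    loc += submitText(form.localIP, 'ipsLocalIP');
    loc += submitText(form.localMask, 'ipsLocalMask');
    loc += submitSelect(form.remoteIPMode, 'ipsRemoteIPMode');
    loc += submitText(form.remoteIP, 'ipsRemoteIP');
    loc += submitText(form.remoteMask, 'ipsRemoteMask');
    loc += submitSelect(form.keyExM, 'ipsKeyExM');
    loc += submitSelect(form.authM, 'ipsAuthM');
    loc += submitText(form.psk, 'ipsPSK');
    loc += submitSelect(form.certificateName, 'ipsCertificateName');
    loc += submitSelect(form.perfectFSEn, 'ipsPerfectFSEn');
    loc += submitSelect(form.manualEncryptionAlgo, 'ipsManualEncryptionAlgo');
    loc += submitText(form.manualEncryptionKey, 'ipsManualEncryptionKey');
    loc += submitSelect(form.manualAuthAlgo, 'ipsManualAuthAlgo');
    loc += submitText(form.manualAuthKey, 'ipsManualAuthKey');
    loc += submitText(form.spi, 'ipsSPI');
    loc += submitSelect(form.ph1Mode, 'ipsPh1Mode');
    loc += submitSelect(form.ph1EncryptionAlgo, 'ipsPh1EncryptionAlgo');
    loc += submitSelect(form.ph1IntegrityAlgo, 'ipsPh1IntegrityAlgo');
    loc += submitSelect(form.ph1DHGroup, 'ipsPh1DHGroup');
    loc += submitText(form.ph1KeyTime, 'ipsPh1KeyTime');
    loc += submitSelect(form.ph2EncryptionAlgo, 'ipsPh2EncryptionAlgo');
    loc += submitSelect(form.ph2IntegrityAlgo, 'ipsPh2IntegrityAlgo');
    loc += submitSelect(form.ph2DHGroup, 'ipsPh2DHGroup');
    loc += submitText(form.ph2KeyTime, 'ipsPh2KeyTime');

    // Assign the URL directly; the string is never parsed as code.
    window.location.href = loc;
}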
331
332 // done hiding -->
333 </script>
334   
335 </head>
336
337 <body onLoad="formLoad()">
338 <blockquote>
339 <form>
340   <b>IPSec Settings</b> 
341   <br><br>
342   <table border="0" cellpadding="0" cellspacing="2" width="100%">
343     <tr>
344       <td width="40%"> IPSec Connection Name </td>
345       <td> <input name="connName" size="20" maxlength="60" value="testconnection" type="text"> </td>
346     </tr>
347     <tr>
348         <td width="40%">Remote IPSec Gateway Address (IP or Domain Name)</td>
349         <td><input name="remoteGWAddr" size="20" maxlength="255" value="" type="text"></td>
350     </tr>
351   </table></div>
352   <table border="0" cellpadding="0" cellspacing="2" width="100%">
353    <tr><td>&nbsp;</td></tr>
354     <tr>
355       <td width="40%"> Tunnel access from local IP addresses </td>
356       <td >
357       <select name="localIPMode" onchange="localIPModeChange();">
358         <option value="subnet">Subnet</option>
359         <option value="single">Single Address</option>
360       </select>
361     </td>
362     </tr>
363   </table>
364   <div id = "IP11"><table border="0" cellpadding="0" cellspacing="2" width="100%">
365     <tr>
366       <td width="40%">&nbsp;&nbsp; IP Address for VPN</td>
367         <td> <input name="localIP" type="text"> </td>
368       </td>
369     </tr>
370    </table></div>
371    <div id = "IP12"><table border="0" cellpadding="0" cellspacing="2" width="100%">
372       <tr>
373         <td width="40%">&nbsp;&nbsp; IP Subnetmask</td>
374         <td> <input name="localMask" type="text"> </td> 
375       </tr>
376    </table></div>
377    <table border="0" cellpadding="0" cellspacing="2" width="100%">
378       <tr><td></td><td>&nbsp;</td></tr>
379       <tr>
380         <td width="40%"> Tunnel access from remote IP addresses </td>
381         <td >
382         <select name="remoteIPMode" onchange="remoteIPModeChange();">
383         <option value="subnet" selected>Subnet</option>
384         <option value="single">Single Address</option>
385         </select>
386         </td>
387       </tr>
388    </table>
389    <div id = "IP21"><table border="0" cellpadding="0" cellspacing="2" width="100%">
390     <tr>
391       <td width="40%">&nbsp;&nbsp; IP Address for VPN</td>
392         <td> <input name="remoteIP" type="text"> </td>
393     </tr>
394    </table></div>
395    <div id = "IP22"><table border="0" cellpadding="0" cellspacing="2" width="100%">
396       <tr>
397         <td width="40%">&nbsp;&nbsp; IP Subnetmask</td>
398         <td> <input name="remoteMask" type="text"> </td>
399       </tr>
400     </table></div>
401     <table border="0" cellpadding="0" cellspacing="2" width="100%">
402     <tr><td>&nbsp;</td><td>&nbsp;</td></tr>
403      <tr> 
404         <td width="40%">Key Exchange Method </td>
405         <td><select name="keyExM" onChange="keyauthChange();">
406             <option value="auto">Auto(IKE)</option>
407             <option value="manual">Manual</option>
408           </select>
409         </td>
410      </tr> 
411      </table>
412     <div id="AutoKeyEx"><table border="0" cellpadding="0" cellspacing="2" width="100%">
413       <tr>
414         <td width="40%"> Authentication Method </td>
415         <td>
416           <select name="authM" onChange="keyauthChange();">
417             <option value="pre_shared_key">Pre-Shared Key</option>
418             <option value="certificate">Certificate (X.509)</option>
419           </select>
420         </td>
421       </tr>
422     </table> 
423     <div id="PSK"><table border="0" cellpadding="0" cellspacing="2" width="100%">
424        <tr>
425         <td width="40%">Pre-Shared Key</td>
426         <td> <input name="psk"></td>
427       </tr>
428     </table></div>
429     <div id="Certificate">
430       <table border="0" cellpadding="0" cellspacing="2" width="100%">
431         <tr>
432           <td width="40%"> Certificates </td>
433           <td><select name="certificateName">
434           </select></td>
435         </tr>
436       </table></div>
437      <table border="0" cellpadding="0" cellspacing="2" width="100%">
438       <tr>
439         <td width="40%">Perfect Forward Secrecy</td>
440         <td align="left" > 
441           <select name="perfectFSEn">
442             <option value="enable">Enable</option>
443             <option value="disable">Disable</option>
444           </select>
445         </td>
446      </tr> 
447      <tr><td>&nbsp;</td></tr>
448      <tr>
449        <td width="40%">Advanced IKE Settings</td>
450        <td><input name="advSWButton" type="button" value="Show Advanced Settings" onclick="switchAdv();" ></td>
451      </tr>
452     </table></div>
453     <div id="ManualKey"> <table border="0" cellpadding="0" cellspacing="2" width="100%">
454        <tr>
455         <td width="40%">Encryption Algorithm</td>
456         <td>
457           <select name="manualEncryptionAlgo">
458           <option value="des-cbc">DES</option>
459           <option value="3des-cbc" selected>3DES</option>
460           <option value="aes-ctr">AES</option>
461         </select>
462         </td>
463       </tr>
464       <tr>
465         <td width = "40%"> Encryption Key </td>
466         <td> <input name="manualEncryptionKey", size = "40" maxlength = "60" value="a0bc8475912431d1">  DES: 16 digit Hex, 3DES: 48 digit Hex <br></td>
467       </tr>
468       <tr>
469        <td width="40%">Authentication Algorithm</td>
470        <td>
471          <select name="manualAuthAlgo">
472            <option value="hmac-md5">MD5</option>
473            <option value="hmac-sha1">SHA1</option>
474          </select>
475        </td>
476      </tr>
477       <tr>
478         <td> Authentication Key </td>
479         <td> <input name="manualAuthKey" size="50" maxlength = "60" value="a0bc8475912431d1a7bc458ef12837516"> MD5: 32 digit Hex, SHA1: 40 digit Hex </td>
480       </tr>
481       <tr>
482         <td> SPI </td>
483         <td> <input name="spi" size="8" maxlength = "8" value="105"> Hex 100-FFFFFFFF</td>
484       </tr>      
485     </table></div>
486     <div id = "adv">
487     <table border="0" cellpadding="0" cellspacing="2" width="100%">
488      <tr>
489        <td> Phase 1</td>
490      </tr>
491      <tr>
492        <td width="40%">Mode</td>
493        <td>
494          <select name="ph1Mode">
495            <option value="main">Main</option>
496            <option value="aggressive">Aggressive</option>
497          </select>
498        </td>
499        </tr>
500        <tr>
501         <td width="40%">Encryption Algorithm</td>
502         <td>
503           <select name="ph1EncryptionAlgo">
504           <option value="des">DES</option>
505           <option value="3des" selected>3DES</option>
506           <option value="aes128">AES - 128</option>
507           <option value="aes192">AES - 192</option>
508           <option value="aes256">AES - 256</option>          
509         </select>
510         </td>
511       </tr>
512       <tr>
513        <td width="40%">Integrity Algorithm</td>
514        <td>
515          <select name="ph1IntegrityAlgo">
516            <option value="md5">MD5</option>
517            <option value="sha1">SHA1</option>
518          </select>
519        </td>
520        <tr>
521        <td width="40%">Select Diffie-Hellman Group for Key Exchange</td>
522        <td>
523          <select name="ph1DHGroup">
524            <option value="modp768">768bit</option>
525            <option value="modp1024">1024bit</option>
526            <option value="modp1536">1536bit</option>
527            <option value="modp2048">2048bit</option>
528            <option value="modp3072">3072bit</option>
529            <option value="modp4096">4096bit</option>
530            <option value="modp6144">6144bit</option>
531            <option value="modp8192">8192bit</option>
532          </select>
533        </td>
534       </tr>
535       <tr>
536         <td width="40%">Key Life Time </td>
537         <td> <input name="ph1KeyTime" > &nbsp Seconds </td>
538       </tr>
539       <tr>
540      <tr><td>&nbsp;</td></tr>
541      <tr>
542        <td> Phase 2</td>
543      </tr>
544      <tr>
545         <td width="40%">Encryption Algorithm</td>
546         <td>
547           <select name="ph2EncryptionAlgo">
548           <option value="des">DES</option>
549           <option value="3des" selected >3DES</option>
550           <option value="aes128">AES - 128</option>
551           <option value="aes192">AES - 192</option>
552           <option value="aes256">AES - 256</option>
553         </select>
554         </td>
555       </tr>
556       <tr>
557        <td width="40%">Integrity Algorithm</td>
558        <td>
559          <select name="ph2IntegrityAlgo">
560            <option value="hmac_md5">MD5</option>
561            <option value="hmac_sha1">SHA1</option>
562          </select>
563        </td>
564       </tr>
565       <tr>
566        <td width="40%">Select Diffie-Hellman Group for Key Exchange</td>
567        <td>
568          <select name="ph2DHGroup">
569            <option value="modp768">768bit</option>
570            <option value="modp1024">1024bit</option>
571            <option value="modp1536">1536bit</option>
572            <option value="modp2048">2048bit</option>
573            <option value="modp3072">3072bit</option>
574            <option value="modp4096">4096bit</option>
575            <option value="modp6144">6144bit</option>
576            <option value="modp8192">8192bit</option>
577          </select>
578        </td>
579       </tr>
580       <tr>
581         <td width="40%">Key Life Time </td>
582         <td> <input name="ph2KeyTime" > &nbsp Seconds </td>
583       </tr>
584    </table>
585     </div>
586     <table border="0" cellpadding="0" cellspacing="2" width="100%">
587       <tr><td></td><td>&nbsp;</td></tr>
588       <tr>
589         <td colspan="2" align="center"> 
590           <input value="Save / Apply" type="button" onclick="applyClick();" > 
591         </td>
592       </tr>
593   </table>
594 </form>
595 </blockquote>
596 </body>
597 </html>