1 files changed, 55 insertions, 0 deletions

diff --git a/ipsec-tools/src/racoon/samples/racoon.conf.sample-inherit b/ipsec-tools/src/racoon/samples/racoon.conf.sample-inherit
new file mode 100644
index 00000000..9e1185f1
--- /dev/null
+++ b/ipsec-tools/src/racoon/samples/racoon.conf.sample-inherit
@@ -0,0 +1,55 @@
+# Id: racoon.conf.sample-inherit,v 1.3 2005/12/13 16:41:07 vanhu Exp
+# Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs
+
+# This file shows the basic inheritance usage in 'remote' statements.
+
+path pre_shared_key "/etc/racoon/psk.txt";
+path certificate "/etc/racoon";
+
+remote anonymous
+{
+	exchange_mode main,aggressive;
+	doi ipsec_doi;
+	situation identity_only;
+
+	my_identifier asn1dn;
+	certificate_type x509 "my.cert.pem" "my.key.pem";
+
+	nonce_size 16;
+	initial_contact on;
+	proposal_check strict;	# obey, strict or claim
+
+	proposal {
+		encryption_algorithm 3des;
+		hash_algorithm sha1;
+		authentication_method rsasig;
+		dh_group 2;
+	}
+}
+
+remote 3ffe:ffff::1 inherit anonymous
+{
+	exchange_mode aggressive;
+	nat_traversal force;
+}
+
+remote 3ffe:ffff::1 [8000] inherit 3ffe:ffff::1
+{
+	lifetime time 1 min;	# sec,min,hour
+
+	proposal {
+		encryption_algorithm 3des;
+		hash_algorithm sha1;
+		authentication_method pre_shared_key;
+		dh_group 2;
+	}
+}
+
+sainfo anonymous
+{
+	pfs_group 2;
+	lifetime time 12 hour;
+	encryption_algorithm aes, 3des;
+	authentication_algorithm hmac_sha1, hmac_md5;
+	compression_algorithm deflate;
+}