diff options
Diffstat (limited to 'ipsec-tools/src/racoon/samples/roadwarrior/client/racoon.conf')
-rw-r--r-- | ipsec-tools/src/racoon/samples/roadwarrior/client/racoon.conf | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/ipsec-tools/src/racoon/samples/roadwarrior/client/racoon.conf b/ipsec-tools/src/racoon/samples/roadwarrior/client/racoon.conf new file mode 100644 index 00000000..669be362 --- /dev/null +++ b/ipsec-tools/src/racoon/samples/roadwarrior/client/racoon.conf @@ -0,0 +1,33 @@ +path certificate "/etc/openssl/certs"; +path pre_shared_key "/etc/racoon/psk.txt"; + +listen { + adminsock "/var/racoon/racoon.sock" "root" "operator" 0660; +} + +remote 192.0.2.50 { + exchange_mode aggressive; + ca_type x509 "root-ca.crt"; + proposal_check strict; + nat_traversal on; + ike_frag on; + mode_cfg on; + script "/etc/racoon/phase1-up.sh" phase1_up; + script "/etc/racoon/phase1-down.sh" phase1_down; + passive off; + proposal { + encryption_algorithm aes; + hash_algorithm sha1; + authentication_method hybrid_rsa_client; + dh_group 2; + } +} + + +sainfo anonymous { + pfs_group 2; + lifetime time 1 hour; + encryption_algorithm aes; + authentication_algorithm hmac_sha1; + compression_algorithm deflate ; +} |