diff options
Diffstat (limited to 'ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf-radius')
-rw-r--r-- | ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf-radius | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf-radius b/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf-radius new file mode 100644 index 00000000..24e8d4e8 --- /dev/null +++ b/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf-radius @@ -0,0 +1,42 @@ +path certificate "/etc/openssl/certs"; + +listen { + adminsock disabled; +} + +remote anonymous { + exchange_mode aggressive; + certificate_type x509 "server.crt" "server.key"; + my_identifier asn1dn; + proposal_check strict; + generate_policy on; + nat_traversal on; + dpd_delay 20; + ike_frag on; + proposal { + encryption_algorithm aes; + hash_algorithm sha1; + authentication_method hybrid_rsa_server; + dh_group 2; + } +} + +mode_cfg { + pool_size 255; + auth_source radius; + conf_source radius; + accounting radius; + dns4 10.0.12.1; + wins4 10.0.12.1; + banner "/etc/racoon/motd"; + pfs_group 2; +} + +sainfo anonymous { + pfs_group 2; + lifetime time 1 hour; + encryption_algorithm aes; + authentication_algorithm hmac_sha1; + compression_algorithm deflate; +} + |