Diffstat (limited to 'ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf')
-rw-r--r--ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf42
1 files changed, 42 insertions, 0 deletions
diff --git a/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf b/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf
new file mode 100644
index 00000000..ae7d603a
--- /dev/null
+++ b/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf
@@ -0,0 +1,42 @@
+path certificate "/etc/openssl/certs";
+
+listen {
+ adminsock disabled;
+}
+
+remote anonymous {
+ exchange_mode aggressive;
+ certificate_type x509 "server.crt" "server.key";
+ my_identifier asn1dn;
+ proposal_check strict;
+ generate_policy on;
+ nat_traversal on;
+ dpd_delay 20;
+ ike_frag on;
+ proposal {
+ encryption_algorithm aes;
+ hash_algorithm sha1;
+ authentication_method hybrid_rsa_server;
+ dh_group 2;
+ }
+}
+
+mode_cfg {
+ network4 10.99.99.0;
+ pool_size 255;
+ netmask4 255.255.255.0;
+ auth_source system;
+ dns4 10.0.12.1;
+ wins4 10.0.12.1;
+ banner "/etc/racoon/motd";
+ pfs_group 2;
+}
+
+sainfo anonymous {
+ pfs_group 2;
+ lifetime time 1 hour;
+ encryption_algorithm aes;
+ authentication_algorithm hmac_sha1;
+ compression_algorithm deflate;
+}
+
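Review bot: The phase 1 proposal in `remote anonymous` uses `dh_group 2` (1024-bit MODP) with `hash_algorithm sha1`, and the same group is repeated as `pfs_group 2` in both `mode_cfg` and `sainfo anonymous`. Sample files get copied into deployments, so these should be raised to a 2048-bit group, for example `dh_group 14;` and `pfs_group 14;`. If the racoon build in use supports them, `hash_algorithm sha256;` and `authentication_algorithm hmac_sha256;` are also worth using. The matching client sample is not visible here and would presumably need the same values for negotiation to succeed. It would also help to add a comment above `exchange_mode aggressive;` noting that aggressive mode sends the identities unprotected, and one above `generate_policy on;` noting that, under `remote anonymous`, policies are installed from what the peer proposes.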