Diffstat (limited to 'ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf')
-rw-r--r-- | ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf b/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf
new file mode 100644
index 00000000..ae7d603a
--- /dev/null
+++ b/ipsec-tools/src/racoon/samples/roadwarrior/server/racoon.conf
@@ -0,0 +1,42 @@
+path certificate "/etc/openssl/certs";
+
+listen {
+ adminsock disabled;
+}
+
+remote anonymous {
+ exchange_mode aggressive;
+ certificate_type x509 "server.crt" "server.key";
+ my_identifier asn1dn;
+ proposal_check strict;
+ generate_policy on;
+ nat_traversal on;
+ dpd_delay 20;
+ ike_frag on;
+ proposal {
+ encryption_algorithm aes;
+ hash_algorithm sha1;
+ authentication_method hybrid_rsa_server;
+ dh_group 2;
+ }
+}
+
+mode_cfg {
+ network4 10.99.99.0;
+ pool_size 255;
+ netmask4 255.255.255.0;
+ auth_source system;
+ dns4 10.0.12.1;
+ wins4 10.0.12.1;
+ banner "/etc/racoon/motd";
+ pfs_group 2;
+}
+
+sainfo anonymous {
+ pfs_group 2;
+ lifetime time 1 hour;
+ encryption_algorithm aes;
+ authentication_algorithm hmac_sha1;
+ compression_algorithm deflate;
+}
+
|
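Review bot: The phase 1 proposal in `remote anonymous` pins `dh_group 2` (1024-bit MODP) with `hash_algorithm sha1`, and `pfs_group 2` is repeated in `mode_cfg` and `sainfo anonymous`, so anyone copying this sample deploys the weakest key-exchange group still commonly accepted. If the intended roadwarrior clients support it, prefer `dh_group 14;` / `pfs_group 14;` and `hash_algorithm sha256;`, or at least add a comment such as `# group 2 / sha1 kept only for legacy client compatibility; raise where clients allow`. Separately, `exchange_mode aggressive` exchanges identities unprotected and `auth_source system` ties Xauth logins to local account passwords. The file has no comments at all, so a one-line `#` comment on each of those two settings would tell adapters these are deliberate trade-offs rather than recommended defaults.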