Diffstat (limited to 'rootdir/etc/racoon/racoon.conf')
-rw-r--r-- | rootdir/etc/racoon/racoon.conf | 35 |
1 files changed, 35 insertions, 0 deletions
diff --git a/rootdir/etc/racoon/racoon.conf b/rootdir/etc/racoon/racoon.conf
new file mode 100644
index 0000000..eb50a2d
--- /dev/null
+++ b/rootdir/etc/racoon/racoon.conf
@@ -0,0 +1,35 @@
+#path certificate "";
+path certificate "/";
+
+sainfo anonymous {
+ encryption_algorithm aes, 3des;
+ authentication_algorithm hmac_sha1, hmac_md5;
+ compression_algorithm deflate;
+ lifetime time 3600 sec;
+}
+
+remote anonymous {
+ exchange_mode main;
+ doi ipsec_doi;
+ situation identity_only;
+ ike_frag on;
+ generate_policy on;
+ my_identifier asn1dn;
+ nat_traversal on; # always use NAT-T
+ ca_type x509 "ca.crt";
+ certificate_type x509 "user.crt" "user.key";
+ verify_identifier off;
+ verify_cert on;
+ nonce_size 16;
+ initial_contact on;
+ proposal_check obey;
+
+ proposal {
+ authentication_method rsasig;
+ hash_algorithm sha1;
+ encryption_algorithm 3des;
+ lifetime time 3600 sec;
+ dh_group 2;
+ }
+}
+ |
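Review bot: `verify_identifier off` in the `remote anonymous` block leaves only `verify_cert on`, so racoon checks that the peer certificate chains to `ca.crt` but not that its identity is the expected gateway; any certificate issued under that CA would be accepted as the peer. If the gateway identity is known when this file is deployed, use `verify_identifier on;` together with `peers_identifier asn1dn "<expected gateway subject DN>";`, or add a comment explaining why identity checking must stay off. The phase 1 proposal offers only `encryption_algorithm 3des;`, `hash_algorithm sha1;` and `dh_group 2;`, and `sainfo anonymous` still lists `hmac_md5`; where the peer and this racoon build support it, prefer `aes`, `sha256` and `dh_group 14;`, and drop `hmac_md5`. `generate_policy on` combined with `proposal_check obey` lets the remote side determine the installed policy and lifetimes when racoon acts as responder, so it deserves a comment stating why it is required here.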