Return to racoon.conf.sample-inherit CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / elwix / config / etc / default / racoon

ELWIX project

    1: # Id: racoon.conf.sample-inherit,v 1.3 2005/12/13 16:41:07 vanhu Exp
    2: # Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs
    3: 
    4: # This file shows the basic inheritance usage in 'remote' statements.
    5: 
    6: path pre_shared_key "/etc/racoon/psk.txt";
    7: path certificate "/etc/racoon";
    8: 
    9: remote anonymous
   10: {
   11: 	exchange_mode main,aggressive;
   12: 	doi ipsec_doi;
   13: 	situation identity_only;
   14: 
   15: 	my_identifier asn1dn;
   16: 	certificate_type x509 "my.cert.pem" "my.key.pem";
   17: 
   18: 	nonce_size 16;
   19: 	initial_contact on;
   20: 	proposal_check strict;	# obey, strict or claim
   21: 
   22: 	proposal {
   23: 		encryption_algorithm 3des;
   24: 		hash_algorithm sha1;
   25: 		authentication_method rsasig;
   26: 		dh_group 2;
   27: 	}
   28: }
   29: 
   30: remote 3ffe:ffff::1 inherit anonymous
   31: {
   32: 	exchange_mode aggressive;
   33: 	nat_traversal force;
   34: }
   35: 
   36: remote 3ffe:ffff::1 [8000] inherit 3ffe:ffff::1
   37: {
   38: 	lifetime time 1 min;	# sec,min,hour
   39: 
   40: 	proposal {
   41: 		encryption_algorithm 3des;
   42: 		hash_algorithm sha1;
   43: 		authentication_method pre_shared_key;
   44: 		dh_group 2;
   45: 	}
   46: }
   47: 
   48: sainfo anonymous
   49: {
   50: 	pfs_group 2;
   51: 	lifetime time 12 hour;
   52: 	encryption_algorithm aes, 3des;
   53: 	authentication_algorithm hmac_sha1, hmac_md5;
   54: 	compression_algorithm deflate;
   55: }