Annotation of elwix/config/etc/default/racoon/roadwarrior/client/racoon.conf, revision 1.1.1.1
1.1 misho 1: path certificate "/etc/openssl/certs";
2: path pre_shared_key "/etc/racoon/psk.txt";
3:
4: listen {
5: adminsock "/var/racoon/racoon.sock" "root" "operator" 0660;
6: }
7:
8: remote 192.0.2.50 {
9: exchange_mode aggressive;
10: ca_type x509 "root-ca.crt";
11: proposal_check strict;
12: nat_traversal on;
13: ike_frag on;
14: mode_cfg on;
15: script "/etc/racoon/phase1-up.sh" phase1_up;
16: script "/etc/racoon/phase1-down.sh" phase1_down;
17: passive off;
18: proposal {
19: encryption_algorithm aes;
20: hash_algorithm sha1;
21: authentication_method hybrid_rsa_client;
22: dh_group 2;
23: }
24: }
25:
26:
27: sainfo anonymous {
28: pfs_group 2;
29: lifetime time 1 hour;
30: encryption_algorithm aes;
31: authentication_algorithm hmac_sha1;
32: compression_algorithm deflate ;
33: }
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>