Annotation of elwix/config/etc/default/racoon/roadwarrior/server/racoon.conf, revision 1.1.1.1
1.1 misho 1: path certificate "/etc/openssl/certs";
2:
3: listen {
4: adminsock disabled;
5: }
6:
7: remote anonymous {
8: exchange_mode aggressive;
9: certificate_type x509 "server.crt" "server.key";
10: my_identifier asn1dn;
11: proposal_check strict;
12: generate_policy on;
13: nat_traversal on;
14: dpd_delay 20;
15: ike_frag on;
16: proposal {
17: encryption_algorithm aes;
18: hash_algorithm sha1;
19: authentication_method hybrid_rsa_server;
20: dh_group 2;
21: }
22: }
23:
24: mode_cfg {
25: network4 10.99.99.0;
26: pool_size 255;
27: netmask4 255.255.255.0;
28: auth_source system;
29: dns4 10.0.12.1;
30: wins4 10.0.12.1;
31: banner "/etc/racoon/motd";
32: pfs_group 2;
33: }
34:
35: sainfo anonymous {
36: pfs_group 2;
37: lifetime time 1 hour;
38: encryption_algorithm aes;
39: authentication_algorithm hmac_sha1;
40: compression_algorithm deflate;
41: }
42:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>