embedaddon/ipsec-tools/src/racoon/samples/racoon.conf.sample-inherit - view

Return to racoon.conf.sample-inherit CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / racoon / samples

File: [ELWIX - Embedded LightWeight unIX -] / embedaddon / ipsec-tools / src / racoon / samples / racoon.conf.sample-inherit
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Tue Feb 21 22:39:10 2012 UTC (12 years, 4 months ago) by misho
Branches: ipsec-tools, MAIN
CVS tags: v0_8_2p2, v0_8_1p0, v0_8_1, v0_8_0p0, v0_8_0, HEAD

ipsec-tools

# Id: racoon.conf.sample-inherit,v 1.3 2005/12/13 16:41:07 vanhu Exp
# Contributed by: Michal Ludvig <mludvig@suse.cz>, SUSE Labs

# This file shows the basic inheritance usage in 'remote' statements.

path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon";

remote anonymous
{
	exchange_mode main,aggressive;
	doi ipsec_doi;
	situation identity_only;

	my_identifier asn1dn;
	certificate_type x509 "my.cert.pem" "my.key.pem";

	nonce_size 16;
	initial_contact on;
	proposal_check strict;	# obey, strict or claim

	proposal {
		encryption_algorithm 3des;
		hash_algorithm sha1;
		authentication_method rsasig;
		dh_group 2;
	}
}

remote 3ffe:ffff::1 inherit anonymous
{
	exchange_mode aggressive;
	nat_traversal force;
}

remote 3ffe:ffff::1 [8000] inherit 3ffe:ffff::1
{
	lifetime time 1 min;	# sec,min,hour

	proposal {
		encryption_algorithm 3des;
		hash_algorithm sha1;
		authentication_method pre_shared_key;
		dh_group 2;
	}
}

sainfo anonymous
{
	pfs_group 2;
	lifetime time 12 hour;
	encryption_algorithm aes, 3des;
	authentication_algorithm hmac_sha1, hmac_md5;
	compression_algorithm deflate;
}

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>