net-firewall/ipsec-tools/files/racoon.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33

# THIS IS A SAMPLE FILE!
#
# This is a sample file to test Gentoo's ipsec-tools out of the box.
# Do not use it in production.  See: http://www.ipsec-howto.org/
#
path pre_shared_key "/etc/racoon/psk.txt";

#
# Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer
#
#remote 192.168.3.25
remote 192.168.3.21
{
	exchange_mode main;
	proposal {
		encryption_algorithm 3des;
		hash_algorithm md5;
		authentication_method pre_shared_key;
		dh_group modp1024;
	}
}

#
# Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer
#
#sainfo address 192.168.3.21 any address 192.168.3.25 any
sainfo address 192.168.3.25 any address 192.168.3.21 any
{
	pfs_group modp768;
	encryption_algorithm 3des;
	authentication_algorithm hmac_md5;
	compression_algorithm deflate;
}