and added files

[bcm963xx.git] / userapps / opensource / ipsec-tools / src / racoon / samples / roadwarrior / client / racoon.conf

path certificate "/etc/openssl/certs";
path pre_shared_key "/etc/racoon/psk.txt";

listen {
        adminsock "/var/racoon/racoon.sock" "root" "operator" 0660;
}

remote 192.0.2.50 {
        exchange_mode aggressive;
        ca_type x509 "root-ca.crt";
        proposal_check obey;
        nat_traversal on;
        ike_frag on;
        mode_cfg on;
        script "/etc/racoon/phase1-up.sh" phase1_up;
        script "/etc/racoon/phase1-down.sh" phase1_down;
        passive off;
        proposal {
                encryption_algorithm 3des;
                hash_algorithm sha1;
                authentication_method hybrid_rsa_client;
                dh_group 2;
        }
}


sainfo anonymous {
        pfs_group 2;
        lifetime time 12 hour ;
        encryption_algorithm 3des, cast128, blowfish 448;
        authentication_algorithm hmac_sha1;
        compression_algorithm deflate ;
}