Thread: [Ipsec-tools-commits] ipsec-tools/src/racoon/samples racoon.conf.sample-inherit,NONE,1.1
Brought to you by:
mit_warlord,
netbsd
From: Michal L. <lu...@us...> - 2004-05-27 14:01:59
|
Update of /cvsroot/ipsec-tools/ipsec-tools/src/racoon/samples In directory sc8-pr-cvs1.sourceforge.net:/tmp/cvs-serv4637/src/racoon/samples Added Files: racoon.conf.sample-inherit Log Message: 2004-05-27 Michal Ludvig <ml...@su...> * src/racoon/racoon.conf.5: Document inheritance. * src/racoon/samples/racoon.conf.sample-inherit: Sample config file. --- NEW FILE: racoon.conf.sample-inherit --- # $Id: racoon.conf.sample-inherit,v 1.1 2004/05/27 14:01:42 ludvigm Exp $ # Contributed by: Michal Ludvig <ml...@su...>, SUSE Labs # This file show the basic inheritance usage in 'remote' statements. path pre_shared_key "/etc/racoon/psk.txt"; path certificate "/etc/racoon"; remote anonymous { exchange_mode main,aggressive; doi ipsec_doi; situation identity_only; my_identifier asn1dn; certificate_type x509 "my.cert.pem" "my.key.pem"; nonce_size 16; initial_contact on; proposal_check obey; # obey, strict or claim proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method rsasig; dh_group 2; } } remote 3ffe:ffff::1 inherit anonymous { exchange_mode aggressive; nat_traversal force; } remote 3ffe:ffff::1 [8000] inherit 3ffe:ffff::1 { lifetime time 1 min; # sec,min,hour proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 2; } } sainfo anonymous { pfs_group 2; lifetime time 12 hour; encryption_algorithm aes, 3des; authentication_algorithm hmac_sha1, hmac_md5; compression_algorithm deflate; } |