Example racoon.conf file


Here is an example of a racoon.conf file that would work well with the client ...

# Directory in which racoon looks up the certificate and private-key files
# named by "certificate_type" below.
# NOTE(review): the gateway's private key lives here too, so confirm the
# directory and key file are readable only by the account racoon runs as.
path certificate "/usr/local/etc/racoon/cert";

# Phase 1 (IKE) settings. "anonymous" makes this section apply to every peer
# that has no more specific "remote" section, i.e. clients connecting from
# arbitrary addresses.
remote anonymous {

    # NOTE(review): in aggressive mode the peers' identities are exchanged
    # without the encryption that main mode gives them. Use main mode if
    # the client supports it with this authentication method.
    exchange_mode aggressive;
    # Gateway certificate and matching private key, looked up in the
    # "path certificate" directory.
    certificate_type x509 "vpngw.crt" "vpngw.key";
    # Identify the gateway by the subject DN of its certificate.
    my_identifier asn1dn;
    # Check the lifetime/PFS values a peer proposes against the local ones
    # instead of simply obeying the initiator.
    proposal_check strict;
    # Phase 1 (ISAKMP SA) lifetime.
    lifetime time 24 hour;
    # Build IPsec policies from what the client proposes in phase 2; this is
    # needed for clients whose address is not known in advance.
    # NOTE(review): together with "remote anonymous", any peer that passes
    # authentication gets policies generated for it -- confirm this is intended.
    generate_policy on;

    # NAT traversal and IKE fragmentation for clients behind NAT devices or
    # on paths that drop large UDP packets.
    nat_traversal on;
    ike_frag on;
    # Fragment ESP packets at this size (bytes).
    esp_frag 552;

    proposal {

        # NOTE(review): 3DES, MD5 and DH group 2 (1024-bit MODP) are legacy
        # choices. If both the gateway and the client support them, prefer
        # stronger values (e.g. aes, sha1 or sha256, dh_group 14) and keep
        # the client profile in step -- TODO confirm what the client offers.
        encryption_algorithm 3des;
        hash_algorithm md5;
        # Hybrid auth: the gateway proves its identity with its RSA
        # certificate; the client is authenticated afterwards via Xauth
        # (username/password). Clients must therefore verify the gateway
        # certificate, or they may hand their credentials to the wrong server.
        authentication_method hybrid_rsa_server;
        dh_group 2;
    }
}

# Mode-config: network settings pushed to each client after authentication.
mode_cfg {

    # Address pool: up to 253 client addresses starting at 10.99.99.1.
    pool_size 253;
    network4 10.99.99.1;
    netmask4 255.255.255.0;
    # Xauth logins are checked against the gateway's system user database.
    # NOTE(review): this may let every local account with a valid password
    # open a VPN session -- confirm which accounts should have VPN access.
    auth_source system;
    # DNS and WINS servers handed to the client.
    dns4 10.100.100.1;
    wins4 10.100.100.2;
    # Split tunnelling: only traffic for this network is sent through the
    # tunnel; everything else leaves the client directly and is not
    # protected or inspected by the gateway.
    split_network include 10.100.100.0/24;
    default_domain "mydomain.net";
}

# Phase 2 (IPsec SA) settings; "anonymous" applies them to any pair of
# phase 2 identities that has no more specific "sainfo" section.
sainfo anonymous {

    # Phase 2 SA lifetime.
    lifetime time 8 hour;
    # NOTE(review): 3DES with HMAC-MD5 is a legacy combination; prefer
    # stronger algorithms if the client supports them (TODO confirm).
    # NOTE(review): no pfs_group is set here, so phase 2 keys are derived
    # without a fresh Diffie-Hellman exchange; consider adding one.
    encryption_algorithm 3des;
    authentication_algorithm hmac_md5;
}