Created
October 4, 2014 16:40
-
-
Save WeZZard/0b3614424032d783cd2e to your computer and use it in GitHub Desktop.
A racoon configuration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| log info; | |
| path include "/etc/racoon/ip.conf"; | |
| path include "/etc/racoon"; | |
| path pre_shared_key "/etc/racoon/psk.txt"; | |
| listen { | |
| isakmp MY.SERVER.IP.ADDRESS [500]; #IP address on the Internet | |
| isakmp_natt MY.SERVER.IP.ADDRESS [4500]; #IP address on the Internet | |
| } | |
| remote anonymous { | |
| exchange_mode main,aggressive; | |
| doi ipsec_doi; | |
| nat_traversal on; | |
| proposal_check obey; | |
| generate_policy unique; | |
| ike_frag on; | |
| passive on; | |
| dpd_delay = 30; | |
| dpd_retry = 30; | |
| dpd_maxfail = 800; | |
| mode_cfg = on; | |
| proposal { | |
| encryption_algorithm aes; | |
| hash_algorithm sha1; | |
| authentication_method xauth_psk_server; | |
| dh_group 2; | |
| lifetime time 12 hour; | |
| } | |
| } | |
| timer{ | |
| natt_keepalive 20 sec; | |
| } | |
| sainfo anonymous { | |
| lifetime time 12 hour; | |
| encryption_algorithm aes,3des,des; | |
| authentication_algorithm hmac_sha1,hmac_md5; | |
| compression_algorithm deflate; | |
| } | |
| mode_cfg { | |
| dns4 8.8.8.8,8.8.4.4; | |
| save_passwd on; | |
| network4 10.12.0.100; #First client IP address in the pool | |
| netmask4 255.255.255.0; | |
| pool_size 250; | |
| banner "/etc/racoon/motd"; | |
| auth_source pam; | |
| conf_source local; | |
| pfs_group 2; | |
| default_domain "local"; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment