racoon

1. nano racoon.conf
2. ####################
3. #VPN New 28.11.2012# Life new VPN connections
4. ####################
5. remote 212.58.160.130[17000]
6. {
7. my_identifier address 79.170.224.73;
8. peers_identifier address 212.58.160.130;
9. exchange_mode main;
10. doi ipsec_doi;
11. situation identity_only;
12. nonce_size 16;
13. lifetime time 8 hour;
14. initial_contact on;
15. proposal_check obey;
16. proposal {
17. encryption_algorithm 3des;
18. hash_algorithm sha1;
19. authentication_method pre_shared_key ;
20. dh_group 2;
21. }
22. }
23. ###################################################
24. ##sainfo for 28.11.2012# Life new VPN connections##
25. ###################################################
26. sainfo address 192.168.20.100/32 any address 172.16.197.18/32 any
27. {
28. # #pfs_group 2;
29. lifetime time 28800 sec;
30. encryption_algorithm 3des;
31. authentication_algorithm hmac_sha1;
32. compression_algorithm deflate;
33. }
34.  
35. nano setkey.conf
36. spdadd 172.16.197.18/32 192.168.20.100/32 any -P out ipsec esp/tunnel/79.170.224.73-212.58.160.130/require;
37. spdadd 192.168.20.100/32 172.16.197.18/32 any -P out ipsec esp/tunnel/212.58.160.130-79.170.224.73/require;
38.  
39.  
40. nano /etc/ipsec-tools.conf
41. spdadd 172.16.197.18/32 192.168.20.100/32 any -P out ipsec esp/tunnel/79.170.224.73-212.58.160.130/unique:31;
42. spdadd 192.168.20.100/32 172.16.197.18/32 any -P out ipsec esp/tunnel/212.58.160.130-79.170.224.73/unique:32;
43.  
44. nano psk.txt
45. 212.58.160.130 arvTstseSSmmow3vV
46.  
47.  
48. route -n
49. 172.16.197.16 0.0.0.0 255.255.255.248 U 0 0 0 eth0