Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- listen
- {
- adminsock "/var/db/racoon/racoon.sock" "root" "wheel" 0660;
- isakmp <gateway ip> [500];
- isakmp_natt <gateway ip> [4500];
- }
- mode_cfg
- {
- auth_source external;
- group_source system;
- pool_size 253;
- network4 192.168.21.1;
- netmask4 255.255.255.0;
- dns4 8.8.8.8;
- dns4 8.8.4.4;
- default_domain "localdomain";
- split_dns "localdomain";
- banner "/var/etc/ipsec/racoon.motd";
- save_passwd on;
- }
- remote anonymous
- {
- ph1id 3;
- exchange_mode aggressive;
- my_identifier address <gateway ip>;
- peers_identifier user_fqdn "<username@domain>";
- ike_frag on;
- generate_policy = unique;
- initial_contact = off;
- nat_traversal = force;
- support_proxy on;
- proposal_check obey;
- passive on;
- proposal
- {
- authentication_method xauth_psk_server;
- encryption_algorithm aes 256;
- hash_algorithm sha1;
- dh_group 2;
- lifetime time 28800 secs;
- }
- }
- sainfo anonymous
- {
- remoteid 3;
- encryption_algorithm aes 256;
- authentication_algorithm hmac_sha1;
- lifetime time 3600 secs;
- compression_algorithm deflate;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement