Difference between revisions of "IPSEC-Racoon tunnels using gif(4) and rotating keys"
Jump to navigation
Jump to search
(Created page with "log debug; path pre_shared_key "/usr/local/etc/racoon/psk.txt"; listen { isakmp 10.0.11.1 [500]; isakmp_natt 10.0.11.1 [4500]; isakmp 10.0.11.7 [500];...") |
|||
Line 1: | Line 1: | ||
+ | <pre> | ||
log debug; | log debug; | ||
path pre_shared_key "/usr/local/etc/racoon/psk.txt"; | path pre_shared_key "/usr/local/etc/racoon/psk.txt"; | ||
Line 40: | Line 41: | ||
compression_algorithm deflate; | compression_algorithm deflate; | ||
} | } | ||
+ | </pre> |
Latest revision as of 13:38, 18 January 2019
log debug; path pre_shared_key "/usr/local/etc/racoon/psk.txt"; listen { isakmp 10.0.11.1 [500]; isakmp_natt 10.0.11.1 [4500]; isakmp 10.0.11.7 [500]; isakmp_natt 10.0.11.7 [4500]; isakmp 10.0.11.8 [500]; isakmp_natt 10.0.11.8 [4500]; isakmp 10.0.11.4 [500]; isakmp_natt 10.0.11.4 [4500]; isakmp 10.0.11.5 [500]; isakmp_natt 10.0.11.5 [4500]; isakmp 10.0.11.9 [500]; isakmp_natt 10.0.11.9 [4500]; } remote anonymous { dpd_delay 60; lifetime time 2 hour; my_identifier address 1.2.3.4; proposal_check obey; exchange_mode main,aggressive; proposal { encryption_algorithm blowfish; hash_algorithm md5; authentication_method pre_shared_key; dh_group 2; } generate_policy off; } sainfo anonymous{ pfs_group 2; lifetime time 1 hour; encryption_algorithm blowfish,3des; authentication_algorithm hmac_md5,hmac_sha1; compression_algorithm deflate; }