Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1
novell-ipsec-tools
racoon.conf.turnpike
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File racoon.conf.turnpike of Package novell-ipsec-tools
# $KAME: racoon.conf.in,v 1.18 2001/08/16 06:33:40 itojun Exp $ # "path" must be placed before it should be used. # You can overwrite which you defined, but it should not use due to confusing. path include "/etc/racoon"; #include "remote.conf"; # search this file for pre_shared_key with various ID key. path pre_shared_key "/etc/racoon/psk.txt"; # racoon will look for certificate file in the directory, # if the certificate/certificate request payload is received. path certificate "/etc/racoon/cert"; # "log" specifies logging level. It is followed by either "notify", "debug" # or "debug2". log notify; # "padding" defines some parameter of padding. You should not touch these. padding { maximum_length 20; # maximum padding length. randomize off; # enable randomize length. strict_check off; # enable strict check. exclusive_tail off; # extract last one octet. } # if no listen directive is specified, racoon will listen to all # available interface addresses. listen { #isakmp ::1 [7000]; #isakmp 202.249.11.124 [500]; #admin [7002]; # administrative's port by kmpstat. #strict_address; # required all addresses must be bound. adminsock "/run/racoon/racoon.sock" "root" "users" 660; } # Specification of default various timer. timer { # These value can be changed per remote node. counter 5; # maximum trying count to send. interval 20 sec; # maximum interval to resend. persend 1; # the number of packets per a send. # timer for waiting to complete each phase. phase1 30 sec; phase2 15 sec; } remote anonymous { nat_traversal on; exchange_mode main; doi ipsec_doi; situation identity_only; verify_cert off; my_identifier asn1dn; certificate_type x509 "usercert.pem" "userkeyunenc.pem"; nonce_size 16; initial_contact on; proposal_check obey; # obey, strict or claim proposal { encryption_algorithm 3des; hash_algorithm md5; authentication_method rsasig; dh_group 1; } proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method rsasig; dh_group 1; } proposal { encryption_algorithm 3des; hash_algorithm md5; authentication_method rsasig; dh_group 1; } proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method rsasig; dh_group 1; } proposal { encryption_algorithm des; hash_algorithm md5; authentication_method rsasig; dh_group 1; } proposal { encryption_algorithm des; hash_algorithm sha1; authentication_method rsasig; dh_group 1; } proposal { encryption_algorithm des; hash_algorithm md5; authentication_method rsasig; dh_group 1; } proposal { encryption_algorithm des; hash_algorithm sha1; authentication_method rsasig; dh_group 1; } } remote ::1 [8000] { #exchange_mode main,aggressive; exchange_mode aggressive,main; doi ipsec_doi; situation identity_only; my_identifier user_fqdn "sakane@kame.net"; peers_identifier user_fqdn "sakane@kame.net"; #certificate_type x509 "mycert" "mypriv"; nonce_size 16; lifetime time 1 min; # sec,min,hour proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 1; } } sainfo address 203.178.141.209 any address 203.178.141.218 any { pfs_group 2; lifetime time 30 sec; encryption_algorithm des; authentication_algorithm hmac_md5; compression_algorithm deflate; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor