# 
# racoon.conf Managed by Puppet
#

log notify;
path pre_shared_key "<%= @racoon_pskfile %>";

path certificate "/etc/racoon/certs";

remote anonymous {
        exchange_mode main;
        proposal {
                encryption_algorithm aes_256;
                hash_algorithm md5;
                authentication_method pre_shared_key;
                dh_group modp1024;
        }
        generate_policy on;
}

sainfo anonymous{
        pfs_group 2;
        encryption_algorithm aes_256;
        authentication_algorithm hmac_md5;
        compression_algorithm deflate;
}