7u83-ipsec/templates/racoon.conf.erb

29 lines
577 B
Plaintext

#
# racoon.conf Managed by Puppet
#
log notify;
path pre_shared_key "<%= @racoon_pskfile %>";
path certificate "/etc/racoon/certs";
remote anonymous {
exchange_mode main;
proposal {
encryption_algorithm aes_256;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group modp1024;
}
generate_policy on;
}
sainfo anonymous{
pfs_group 2;
encryption_algorithm aes_256;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
}