# Racoon IKE daemon configuration file. # See 'man racoon.conf' for a description of the format and entries. path include "/etc/racoon"; path pre_shared_key "/etc/racoon/psk.txt"; path certificate "/etc/racoon/certs"; path script "/etc/racoon/scripts"; sainfo anonymous { #pfs_group 2; lifetime time 1 hour ; encryption_algorithm 3des, blowfish 448, rijndael ; authentication_algorithm hmac_sha1, hmac_md5 ; compression_algorithm deflate ; } remote anonymous { exchange_mode main; my_identifier fqdn ".user.vpn.cmu.local"; certificate_type x509 ".user.vpn.cmu.local.crt" ".user.vpn.cmu.local.key"; ca_type x509 "ca.crt"; mode_cfg on; script "p1_up_down" phase1_up; script "p1_up_down" phase1_down; proposal { encryption_algorithm 3des; hash_algorithm sha1; authentication_method xauth_rsa_client; dh_group 2; } }