[apple/network_cmds.git] / racoon.tproj / anonymous.conf

remote anonymous
{
        #exchange_mode main,aggressive;
        exchange_mode aggressive,main;
        doi ipsec_doi;
        situation identity_only;

        #my_identifier address;
        my_identifier user_fqdn "macuser@localhost";
        peers_identifier user_fqdn "macuser@localhost";
        #certificate_type x509 "mycert" "mypriv";

        nonce_size 16;
        lifetime time 1 min;    # sec,min,hour
        initial_contact on;
        support_mip6 on;
        proposal_check obey;    # obey, strict or claim

        proposal {
                encryption_algorithm 3des;
                hash_algorithm sha1;
                authentication_method pre_shared_key ;
                dh_group 2 ;
        }
}

sainfo anonymous
{
	pfs_group 1;
	lifetime time 30 sec;
	encryption_algorithm aes, 3des ;
	authentication_algorithm hmac_sha1;
	compression_algorithm deflate ;
}
Commit	Line	Data
ac2f15b3 A	1	remote anonymous
	2	{
	3	#exchange_mode main,aggressive;
	4	exchange_mode aggressive,main;
	5	doi ipsec_doi;
	6	situation identity_only;
	7
	8	#my_identifier address;
	9	my_identifier user_fqdn "macuser@localhost";
	10	peers_identifier user_fqdn "macuser@localhost";
	11	#certificate_type x509 "mycert" "mypriv";
	12
	13	nonce_size 16;
	14	lifetime time 1 min; # sec,min,hour
	15	initial_contact on;
	16	support_mip6 on;
	17	proposal_check obey; # obey, strict or claim
	18
	19	proposal {
	20	encryption_algorithm 3des;
	21	hash_algorithm sha1;
	22	authentication_method pre_shared_key ;
	23	dh_group 2 ;
	24	}
	25	}
	26
	27	sainfo anonymous
	28	{
	29	pfs_group 1;
	30	lifetime time 30 sec;
	31	encryption_algorithm aes, 3des ;
	32	authentication_algorithm hmac_sha1;
	33	compression_algorithm deflate ;
	34	}