# THIS IS A SAMPLE FILE! # # This is a sample file to test Gentoo's ipsec-tools out of the box. # Do not use it in production. See: http://www.ipsec-howto.org/ # path pre_shared_key "/etc/racoon/psk.txt"; # # Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer # #remote 192.168.3.25 remote 192.168.3.21 { exchange_mode main; proposal { encryption_algorithm 3des; hash_algorithm md5; authentication_method pre_shared_key; dh_group modp1024; } } # # Make sure to switch 192.168.3.21 <-> 192.168.3.25 on the peer # #sainfo address 192.168.3.21 any address 192.168.3.25 any sainfo address 192.168.3.25 any address 192.168.3.21 any { pfs_group modp768; encryption_algorithm 3des; authentication_algorithm hmac_md5; compression_algorithm deflate; }