farcaller/racoon.conf

## racoon.conf
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";

listen {
  isakmp 198.51.100.1 [500];
  isakmp_natt 198.51.100.1 [4500];
}

remote anonymous {
  proposal_check obey;
  passive on;
  exchange_mode main,aggressive;
  my_identifier fqdn "fqdn.example.net";
  mode_cfg on;
  verify_cert off;
  ike_frag on;
  generate_policy on;
  nat_traversal on;
  dpd_delay 20;
  proposal {
    encryption_algorithm aes;
    hash_algorithm sha1;
    authentication_method xauth_psk_server;
    dh_group 2;
  }
}

mode_cfg {
  conf_source local;

  auth_source system;
  save_passwd on;

  dns4 8.8.8.8;
  network4 10.0.0.1;
  pool_size 255;
}

sainfo anonymous {
  encryption_algorithm aes;
  authentication_algorithm hmac_sha1;
  compression_algorithm deflate;
}
	path pre_shared_key "/etc/racoon/psk.txt";
	path certificate "/etc/racoon/certs";

	listen {
	isakmp 198.51.100.1 [500];
	isakmp_natt 198.51.100.1 [4500];
	}

	remote anonymous {
	proposal_check obey;
	passive on;
	exchange_mode main,aggressive;
	my_identifier fqdn "fqdn.example.net";
	mode_cfg on;
	verify_cert off;
	ike_frag on;
	generate_policy on;
	nat_traversal on;
	dpd_delay 20;
	proposal {
	encryption_algorithm aes;
	hash_algorithm sha1;
	authentication_method xauth_psk_server;
	dh_group 2;
	}
	}

	mode_cfg {
	conf_source local;

	auth_source system;
	save_passwd on;

	dns4 8.8.8.8;
	network4 10.0.0.1;
	pool_size 255;
	}

	sainfo anonymous {
	encryption_algorithm aes;
	authentication_algorithm hmac_sha1;
	compression_algorithm deflate;
	}