Permalink
Browse files

remove it because it uses old syntax.

  • Loading branch information...
1 parent 26a3a3f commit 536c62f853caa3d26d5e15316969970f19db129e sakane committed Oct 5, 2001
Showing with 0 additions and 159 deletions.
  1. +0 −159 kame/kame/racoon/samples/sandiego.conf
@@ -1,159 +0,0 @@
-# $KAME: sandiego.conf,v 1.7 2000/03/26 10:52:59 itojun Exp $
-
-# search this file for pre_shared_key with various ID key.
-path pre_shared_key "./psk.txt" ;
-
-# racoon will search this directory if the certificate or certificate request
-# is received.
-path certificate "./cert.txt" ;
-
-# personal information.
-identifier vendor_id "KAME/racoon";
-identifier user_fqdn "sakane@kame.net";
-identifier fqdn "mine.kame.net";
-identifier keyid "./keyid.txt";
-
-# "log" specifies logging level. It is followed by either "info", "notify",
-# "debug" or "debug2".
-log debug2;
-
-# "padding" defines some parameter of padding. You should not touch these.
-padding {
- maximum_length 20; # maximum padding length.
- randomize off; # enable randomize length.
- restrict_check off; # enable restrict check.
- exclusive_tail off; # extract last one octet.
-}
-
-# if no listen directive is specified, racoon will listen to all
-# available interface addresses.
-listen {
-# isakmp 127.0.0.1 [7000];
-# isakmp 0.0.0.0 [500];
- admin [7002]; # administrative's port by kmpstat.
-}
-
-# Specification of default various timer.
-timer {
- # These value can be changed per remote node.
- counter 1; # maximum trying count to send.
- interval 30 sec; # maximum interval to resend.
- persend 1; # the number of packets per a send.
-
- # timer for waiting to complete each phase.
- phase1 20 sec;
- phase2 15 sec;
-}
-
-# main mode example, with "anonymous" (any peer) configuration
-remote anonymous
-{
- # In below case, main mode and aggressive mode are accepted. When
- # initiating, main mode is first to be sent.
- exchange_mode main, aggressive;
-
- identifier address;
- nonce_size 16;
-
- lifetime time 600 sec;
-
- # for aggressive mode definition.
- dh_group modp1024;
-
- proposal {
- encryption_algorithm 3des;
- hash_algorithm md5;
- authentication_method pre_shared_key ;
- dh_group modp1024;
- }
- proposal {
- encryption_algorithm des;
- hash_algorithm sha1;
- authentication_method pre_shared_key ;
- dh_group modp1024;
- }
- proposal {
- encryption_algorithm 3des;
- hash_algorithm sha1;
- authentication_method rsasig ;
- dh_group modp1024;
- }
-}
-
-remote 194.100.55.1 [500]
-{
- exchange_mode main, aggressive;
-
- # default doi is "ipsec_doi".
- doi ipsec_doi;
-
- # default situation is "identity_only".
- situation identity_only;
-
- # specify the identifier type
- # "address", "fqdn", "user_fqdn", "keyid"
- identifier user_fqdn;
-
- # specify the bytes length of nonce.
- nonce_size 16;
-
- # means to do keep-a-live. This should not be used in dial-up.
- keepalive;
-
- dh_group modp1024;
-
- proposal {
- # they can be defined explicitly.
- encryption_algorithm des;
- hash_algorithm md5;
- dh_group modp768;
- authentication_method pre_shared_key ;
- }
- proposal {
- encryption_algorithm 3des;
- authentication_method pre_shared_key ;
-
- # they can be defined individually.
- lifetime time 5 min;
- lifetime byte 2 MB;
- }
-}
-
-policy 206.175.160.20/32 206.175.160.21/32 any inout ipsec
-{
- #pfs_group modp768;
-
- # This proposal means IP2|AH|ESP|ULP.
- proposal {
- lifetime time 300 second;
- lifetime byte 10000 KB;
-
- protocol esp {
- level require ;
- mode transport ;
- encryption_algorithm des ;
- authentication_algorithm hmac_sha1 ;
- }
-
- # "ah" means AH.
- protocol ah {
- level require ;
- mode transport ;
- authentication_algorithm hmac_sha1 ;
- }
- }
-
- # This proposal means IP2|ESP|ULP.
- proposal {
- lifetime time 600 second;
- lifetime byte 10000 KB;
- protocol esp {
- level require ;
- mode transport ;
- encryption_algorithm des ;
- authentication_algorithm hmac_sha1 ;
- }
- }
-
-}
-

0 comments on commit 536c62f

Please sign in to comment.