# $KAME: racoon.conf.in,v 1.18 2001/08/16 06:33:40 itojun Exp $
path include "/etc/racoon" ;
path pre_shared_key "/etc/racoon/psk.txt" ;
# "log" specifies logging level.  It is followed by either "notify", "debug"
# or "debug2".
log debug;
# "padding" defines some parameter of padding.  You should not touch these.
padding
{
   maximum_length 20;# maximum padding length.
   randomize off;# enable randomize length.
   strict_check off;# enable strict check.
   exclusive_tail off;# extract last one octet.
}
# if no listen directive is specified, racoon will listen to all
# available interface addresses.
listen
{
   isakmp A.A.A.A [500];
}
# Specification of default various timer.
timer
{
   # These value can be changed per remote node.
   counter 5;# maximum trying count to send.
   interval 20 sec;# maximum interval to resend.
   persend 1;# the number of packets per a send.
   # timer for waiting to complete each phase.
   phase1 30 sec;
   phase2 15 sec;
}
remote B.B.B.B
{
#exchange_mode main,aggressive;
   exchange_mode aggressive,main;
   doi ipsec_doi;
   situation identity_only;
   nonce_size 16;
   lifetime time 60 min;# sec,min,hour
   initial_contact on;
   support_mip6 on;
   proposal_check obey;# obey, strict or claim
   proposal {
      encryption_algorithm blowfish;
      hash_algorithm sha1;
      authentication_method pre_shared_key ;
      dh_group 5 ;
      }
}
sainfo B.B.B.B
{
   pfs_group 5;
   lifetime time 24 hour;
   encryption_algorithm blowfish ;
   authentication_algorithm hmac_sha1;
   compression_algorithm deflate ;
}