src/racoon/samples/roadwarrior/server/racoon.conf-radius - platform/external/ipsec-tools - Git at Google

 path certificate "/etc/openssl/certs";

 listen {
 	adminsock disabled;
 }

 remote anonymous {
 	exchange_mode aggressive;
 	certificate_type x509 "server.crt" "server.key";
 	my_identifier asn1dn;
 	proposal_check strict;
 	generate_policy on;
 	nat_traversal on;
 	dpd_delay 20;
 	ike_frag on;
 	proposal {
 		encryption_algorithm aes;
 		hash_algorithm sha1;
 		authentication_method hybrid_rsa_server;
 		dh_group 2;
 	}
 }

 mode_cfg {
 	pool_size 255;
 	auth_source radius;
 	conf_source radius;
 	accounting radius;
 	dns4 10.0.12.1;
 	wins4 10.0.12.1;
 	banner "/etc/racoon/motd";
 	pfs_group 2;
 }

 sainfo anonymous {
 	pfs_group 2;
 	lifetime time 1 hour;
 	encryption_algorithm aes;
 	authentication_algorithm hmac_sha1;
 	compression_algorithm deflate;
 }
	path certificate "/etc/openssl/certs";

	listen {
	adminsock disabled;
	}

	remote anonymous {
	exchange_mode aggressive;
	certificate_type x509 "server.crt" "server.key";
	my_identifier asn1dn;
	proposal_check strict;
	generate_policy on;
	nat_traversal on;
	dpd_delay 20;
	ike_frag on;
	proposal {
	encryption_algorithm aes;
	hash_algorithm sha1;
	authentication_method hybrid_rsa_server;
	dh_group 2;
	}
	}

	mode_cfg {
	pool_size 255;
	auth_source radius;
	conf_source radius;
	accounting radius;
	dns4 10.0.12.1;
	wins4 10.0.12.1;
	banner "/etc/racoon/motd";
	pfs_group 2;
	}

	sainfo anonymous {
	pfs_group 2;
	lifetime time 1 hour;
	encryption_algorithm aes;
	authentication_algorithm hmac_sha1;
	compression_algorithm deflate;
	}