# Simple racoon.conf
# 
# Refer to http://wiki.openwrt.org/doc/howto/vpn.ipsec.basics.racoon for
# details about configuring racoon in OpenWRT.
#
# Also read the Linux IPSEC Howto up at 
# http://www.ipsec-howto.org/t1.html 
#
# Manual pages for ipsec-tools are not included with OpenWRT. Refer to
# the following locations to view them online:
# http://linux.die.net/man/8/racoon
# http://linux.die.net/man/5/racoon.conf
# http://linux.die.net/man/8/setkey
#

log notify;
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";

#remote 172.31.1.1 {
#        exchange_mode main,aggressive;
#        proposal {
#                encryption_algorithm 3des;
#                hash_algorithm sha1;
#                authentication_method pre_shared_key;
#                dh_group modp1024;
#        }
#        generate_policy off;
#}
# 
#sainfo address 192.168.203.10[any] any address 192.168.22.0/24[any] any {
#        pfs_group modp768;
#        encryption_algorithm 3des;
#        authentication_algorithm hmac_md5;
#        compression_algorithm deflate;
#}