roadwarrior/server/racoon.conf-radius

path certificate "/etc/openssl/certs";

listen {
	adminsock disabled;
}

remote anonymous {
	exchange_mode aggressive;
	certificate_type x509 "server.crt" "server.key";
	my_identifier asn1dn;
	proposal_check strict;
	generate_policy on;
	nat_traversal on;
	dpd_delay 20;
	ike_frag on;
	proposal {
		encryption_algorithm aes;
		hash_algorithm sha1;
		authentication_method hybrid_rsa_server;
		dh_group 2;
	}
}

mode_cfg {
	pool_size 255;
	auth_source radius;
	conf_source radius;
	accounting radius;
	dns4 10.0.12.1;
	wins4 10.0.12.1;
	banner "/etc/racoon/motd";
	pfs_group 2;
}

sainfo anonymous {
	pfs_group 2;
	lifetime time 1 hour;
	encryption_algorithm aes;
	authentication_algorithm hmac_sha1;
	compression_algorithm deflate;
}