crypto keyring CISICO crypto isakmp policy 30 encr aes 256 hash sha authentication pre-share group 1 crypto isakmp key 6 S[h]AH][Hcb\`aYPgB]HbY\^_ViYUOAAB address 116.203.229.50 crypto isakmp keepalive 10 crypto ipsec transform-set TS-02 esp-aes 256 esp-sha-hmac mode transport crypto ipsec profile IPPRO-01 set security-association lifetime seconds 86400 set transform-set TS-02 interface Tunnel7 description CISICO--V7 ip address 10.8.5.2 255.255.255.252 ip tcp adjust-mss 1420 tunnel source Dialer0 tunnel destination 116.203.229.50 tunnel protection ipsec profile IPPRO-01
- racoon.conf
path pre_shared_key "/usr/local/etc/racoon/psk.txt"; log debug; padding { maximum_length 20; randomize off; strict_check off; exclusive_tail off; } remote anonymous { exchange_mode aggressive, main; lifetime time 1 hour; proposal { encryption_algorithm aes 256; hash_algorithm sha1; authentication_method pre_shared_key; dh_group 1; } } sainfo anonymous { pfs_group 1; lifetime time 1 hour; encryption_algorithm aes 256; authentication_algorithm hmac_sha1; compression_algorithm deflate; }
- ipsec.conf
flush; spdflush; spdadd 116.203.229.50/32 78.36.201.239/32 gre -P out ipsec esp/transport//require; spdadd 78.36.201.239/32 116.203.229.50/32 gre -P in ipsec esp/transport//require;