HP-UX IPSec Version A.03.02.02 Administrator's Guide HP-UX 11i version 2 and HP-UX 11i version 3 (762800-001, April 2014)
Racoon2 Configuration
The following Racoon 2 configuration files are located in the /usr/local/racoon2/etc/
racoon directory.
• racoon2.conf
• transport_ike.conf
• vals.conf
• default.conf
• test.psk (in the /usr/local/racoon2/etc/racoon/psk subdirectory)
racoon2.conf File
The contents of the racoon2.conf file are as follows:
#########################
## /usr/local/racoon2/etc/racoon2/racoon2.conf
include "/usr/local/racoon2/etc/racoon2/vals.conf";
interface
{
ike {
MY_IP port 500;
};
spmd {
unix "/var/run/racoon2/spmif";
};
spmd_password "/usr/local/racoon2/etc/racoon2/spmd.pwd";
};
resolver
{
resolver off;
};
include "/usr/local/racoon2/etc/racoon2/default.conf";
include "/usr/local/racoon2/etc/racoon2/transport_ike.conf";
transport_ike.conf File
The contents of the transport_ike.conf file are as follows:
#########################
## /usr/local/racoon2/etc/racoon2/transport_ike.conf
remote ike_trans_remote {
acceptable_kmp { ikev1; };
ikev1 {
my_id ipaddr "${MY_IPADDRESS}";
peers_id ipaddr "${PEERS_IPADDRESS}";
peers_ipaddr "${PEERS_IPADDRESS}" port 500;
kmp_enc_alg { 3des_cbc; };
kmp_hash_alg { sha1; };
kmp_dh_group { modp1024; };
## Use Preshared Key
kmp_auth_method { psk; };
pre_shared_key "${PSKDIR}/${PRESHRD_KEY}";
};
selector_index ike_trans_sel_in; };
selector ike_trans_sel_out {
direction outbound;
src "${MY_IPADDRESS}";
FreeBSD 171