gsb2021/roles/vpn/templates/racoon.conf.j2

path pre_shared_key "/etc/racoon/psk.txt";

remote {{ remip }} {
        exchange_mode main,aggressive;
        proposal {
                encryption_algorithm 3des;
                hash_algorithm sha1;
                authentication_method pre_shared_key;
                dh_group 2;
        }
}

sainfo address {{ mynet }}/24 any address {{ remnet }}/24 any {
        pfs_group 2;
        lifetime time 1 hour ;
        encryption_algorithm 3des, blowfish 448, rijndael ;
        authentication_algorithm hmac_sha1, hmac_md5 ;
        compression_algorithm deflate ;
}