  • pyroplastic
    Participant

    Joel,
    Thanks for the quick reply. The log indicated an error on line 32 (syntax error). This is the start of the ‘remote anonymous’ section of the config. Just for kicks I backed up the config and removed everything except my setup (remote 68.83.109.243) and the first few sections that seem to deal with general settings. After the edit I re-ran VaporSec and received the same error.

    Then came the bigger surprise; I took another look at the config file and the sections I deleted ‘magically’ reappeared. Maybe this is to be expected but it short-circuited my little experiment.

    My config file is below. Any suggestions are welcome.

    Thanks!
    Scott

    # $KAME: racoon.conf.in,v 1.17 2001/08/14 12:10:22 sakane Exp $

    # File holding the IKE pre-shared keys. racoon expects it to be owned by
    # the user racoon runs as and not accessible to anyone else; check the
    # owner and mode on disk.
    # NOTE(review): the quotes in this listing are typographic (“ ”), possibly
    # introduced by the forum software. racoon.conf wants plain ASCII double
    # quotes -- confirm against the file on disk.
    path pre_shared_key “/etc/racoon/psk.txt” ;

    # Directory searched for certificates.
    # NOTE(review): "LIbrary" has an unusual capital I. Harmless on a
    # case-insensitive volume, but confirm the path actually resolves.
    path certificate “/LIbrary/Application Support/VaporSec/certs” ;

    # Padding behaviour for IKE payloads. The trailing comments say what each
    # option controls; randomize, strict_check and exclusive_tail are all
    # switched off here.
    padding
    {
    maximum_length 20; # maximum padding length.
    randomize off; # enable randomize length.
    strict_check off; # enable strict check.
    exclusive_tail off; # extract last one octet.
    }

    # Empty listen block: no address or port is pinned for IKE.
    # NOTE(review): presumably racoon then binds every available interface
    # address -- confirm, and restrict to the VPN-facing address if the host
    # is multi-homed.
    listen
    {
    }

    # Default retransmission and negotiation timers.
    timer
    {
    # These values can be overridden per remote node.
    counter 5; # maximum number of send attempts.
    interval 20 sec; # maximum interval between resends.
    persend 1; # number of packets sent per attempt.

    # Time allowed for each phase to complete before it is abandoned.
    phase1 30 sec;
    phase2 30 sec;
    }

    # Catch-all phase 1 policy: applies to any peer that has no dedicated
    # "remote <address>" section, so it defines what an unknown peer may
    # negotiate.
    remote anonymous
    {
    # Main mode is listed first (used when initiating); aggressive mode is
    # also accepted. Aggressive mode with a pre-shared key exposes key-derived
    # material to offline guessing, so drop it unless a peer requires it.
    exchange_mode main,aggressive;
    doi ipsec_doi;
    situation identity_only;

    # Sample identity as written in this listing; not specific to this site.
    my_identifier user_fqdn “macuser@localhost”;
    nonce_size 16;
    # Phase 1 lifetime of one minute forces very frequent re-keying.
    lifetime time 1 min; # sec,min,hour
    initial_contact on;
    support_mip6 on;
    # "obey" accepts the initiator's proposed lifetime and PFS settings as-is;
    # "strict" is the tighter choice for a catch-all section.
    proposal_check obey; # obey, strict or claim

    # 3DES / SHA-1 / DH group 2 (1024-bit MODP) are dated choices; raise them
    # where the peers support stronger algorithms and groups.
    proposal {
    encryption_algorithm 3des;
    hash_algorithm sha1;
    authentication_method pre_shared_key ;
    dh_group 2 ;
    }
    }

    # Phase 1 policy for the IPv6 loopback peer on port 8000.
    # NOTE(review): this looks like a leftover from the stock sample config
    # rather than a real peer -- confirm it is needed.
    remote ::1 [8000]
    {
    #exchange_mode main,aggressive;
    # Aggressive mode is listed first here, so it is the mode used when
    # initiating. With a pre-shared key that exposes key-derived material to
    # offline guessing; prefer main mode first.
    exchange_mode aggressive,main;
    doi ipsec_doi;
    situation identity_only;

    # Sample identity as written in this listing.
    my_identifier user_fqdn “macuser@localhost”;

    nonce_size 16;
    # Phase 1 lifetime of one minute.
    lifetime time 1 min; # sec,min,hour

    # Same dated 3DES / SHA-1 / DH group 2 proposal as the anonymous section.
    proposal {
    encryption_algorithm 3des;
    hash_algorithm sha1;
    authentication_method pre_shared_key ;
    dh_group 2 ;
    }
    }

    # Catch-all phase 2 (IPsec SA) policy for any traffic selector that has no
    # specific sainfo section.
    sainfo anonymous
    {
    pfs_group 2 ;
    lifetime time 12 hour ;
    # The list includes single DES and null_enc (no encryption at all), so a
    # peer may negotiate an unencrypted or weakly encrypted SA. Trim it to the
    # strongest algorithms the peers share.
    encryption_algorithm des, 3des, rijndael, cast128, blowfish, null_enc ;
    # non_auth permits an SA with no integrity protection; hmac_md5 is dated.
    authentication_algorithm hmac_md5, hmac_sha1, non_auth ;
    compression_algorithm deflate ;
    }

    # Phase 1 policy for the author's actual VPN peer.
    remote 68.83.109.243
    {
    # Main mode only: aggressive mode is not offered to this peer.
    exchange_mode main;
    doi ipsec_doi;
    situation identity_only;
    nonce_size 16;
    # 28800 seconds = 8 hours.
    lifetime time 28800 seconds;
    initial_contact on;
    support_mip6 on;
    # "obey" accepts whatever lifetime/PFS the initiator proposes.
    proposal_check obey;

    # Must match what the peer offers. 3DES / MD5 / DH group 1 (768-bit MODP)
    # is the weakest proposal in this file; raise the hash and the group on
    # both ends if the gateway allows it.
    proposal {
    encryption_algorithm 3des;
    hash_algorithm md5;
    authentication_method pre_shared_key ;
    dh_group 1;
    }
    }

    # Phase 2 policy for traffic between 10.1.3.8/32 and a second selector.
    # NOTE(review): the second selector reads "address /32 any" with no host
    # or network before the prefix length, so the statement looks incomplete
    # and is a candidate for the reported syntax error. The listing alone
    # cannot show whether this is the line the log points at; confirm against
    # the file on disk and the remote network value entered in VaporSec.
    sainfo address 10.1.3.8/32 any address /32 any
    {
    pfs_group 2;
    # 28800 seconds = 8 hours.
    lifetime time 28800 seconds;
    # A single 3DES + HMAC-MD5 transform; unlike the anonymous sainfo, no null
    # or unauthenticated option is offered here.
    encryption_algorithm 3des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
    }
