path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";

remote 192.168.100.100 {
        exchange_mode main;
        lifetime time 1 hour;
        proposal {
                encryption_algorithm 3des;
                hash_algorithm sha1;
                authentication_method pre_shared_key;
                dh_group 2;
        }
}
 
sainfo address 192.168.100.2/32 any address 10.0.0.2/32 any {
        pfs_group 2;
        lifetime time 1 hour;
        encryption_algorithm 3des;
        authentication_algorithm hmac_sha1;
        compression_algorithm deflate;
}