Connecting to NetScreen Series (NetScreen-5) VPN with Mac OS X (Snow Leopard)

(Follow-up to my NetScreen-5 from Ubuntu article.) I recently struggled through the details of establishing a VPN connection from my Mac OS X desktop to a Juniper Networks NetScreen-5. Here's how I solved it.

My NetScreen-5 was configured with some typical settings:

Phase 1
    Pre-shared key "your-pre-shared-key-here"
    Encryption "pre-g2-aes128-sha"
Phase 2
    Encryption "g2-esp-3des-sha"

To configure the client side on an Ubuntu desktop, I used Racoon and KVpnc, but I didn't have the luxury of KVpnc on my Mac desktop, so I had to edit my racoon.conf manually:

log debug2;
# File holding the pre-shared key for the gateway
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";

timer
{
    natt_keepalive 10 sec;
}

# Phase 1 (IKE): matches the gateway's "pre-g2-aes128-sha" setting
remote VPN.GATEWAY
{
    exchange_mode aggressive;
    nat_traversal on;
    ike_frag on;
    peers_identifier asn1dn;
    proposal_check obey;
    my_identifier user_fqdn "YOUR.EMAIL.ADDRESS";
    proposal {
        encryption_algorithm aes;
        hash_algorithm sha1;
        authentication_method pre_shared_key;
        dh_group modp1024;    # DH group 2
    }
}

# Phase 2 (IPsec): matches the gateway's "g2-esp-3des-sha" setting
sainfo address DESKTOP.IP.ADDRESS/32 any address VPN.GATEWAY/28 any
{
    pfs_group modp1024;
    encryption_algorithm 3des;
    authentication_algorithm hmac_sha1;
    compression_algorithm deflate;
}

listen
{
    adminsock "/var/run/racoon.sock" "root" "operator" 0660;
}
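As an added example (not part of the original article), this Python script derives the NetScreen-style proposal names that a racoon.conf asks for, so they can be compared with the "pre-g2-aes128-sha" and "g2-esp-3des-sha" settings on the gateway before connecting. The name-mapping tables and function names are assumptions, built from the two proposal names quoted in the article.

```python
import re

# Constructed sample: the phase 1 and phase 2 blocks of the article's racoon.conf.
SAMPLE_CONF = """
remote VPN.GATEWAY {
    proposal {
        encryption_algorithm aes;
        hash_algorithm sha1;
        authentication_method pre_shared_key;
        dh_group modp1024;
    }
}
sainfo address DESKTOP.IP.ADDRESS/32 any address VPN.GATEWAY/28 any {
    pfs_group modp1024;
    encryption_algorithm 3des;
    authentication_algorithm hmac_sha1;
}
"""

# Assumed naming pattern, inferred from the two proposal names in the article.
DH = {"modp768": "g1", "modp1024": "g2", "modp1536": "g5"}
ENC = {"aes": "aes128", "3des": "3des", "des": "des"}  # racoon "aes" defaults to 128-bit
HASH = {"sha1": "sha", "hmac_sha1": "sha", "md5": "md5", "hmac_md5": "md5"}
AUTH = {"pre_shared_key": "pre", "rsasig": "rsa"}

def _settings(block):
    """Return {keyword: value} for the 'keyword value;' statements in a block body."""
    return dict(re.findall(r"(\w+)\s+(\w+)\s*;", block))

def netscreen_names(conf):
    """Derive the (phase 1, phase 2) proposal names a racoon.conf asks for."""
    p1 = _settings(re.search(r"proposal\s*\{([^}]*)\}", conf).group(1))
    p2 = _settings(re.search(r"sainfo[^{]*\{([^}]*)\}", conf).group(1))
    phase1 = "-".join([AUTH[p1["authentication_method"]], DH[p1["dh_group"]],
                       ENC[p1["encryption_algorithm"]], HASH[p1["hash_algorithm"]]])
    pfs = DH[p2["pfs_group"]] if "pfs_group" in p2 else "nopfs"
    phase2 = "-".join([pfs, "esp", ENC[p2["encryption_algorithm"]],
                       HASH[p2["authentication_algorithm"]]])
    return phase1, phase2

def mismatches(conf, gw_phase1, gw_phase2):
    """List the phases where the client config disagrees with the gateway's proposals."""
    phase1, phase2 = netscreen_names(conf)
    return [f"{label}: racoon.conf gives {got}, gateway expects {want}"
            for label, got, want in (("phase 1", phase1, gw_phase1), ("phase 2", phase2, gw_phase2))
            if got != want]

if __name__ == "__main__":
    print(mismatches(SAMPLE_CONF, "pre-g2-aes128-sha", "g2-esp-3des-sha") or "proposals match")
```

An unknown algorithm keyword raises KeyError rather than guessing a name, so an unsupported setting is reported instead of silently passing the comparison.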