[General]
Policy-File=    /etc/isakmpd/isakmpd.policy
Listen-on=      194.23.98.3

[Phase 1]
Default=                ISAKMP-clients

[Phase 2]
Passive-Connections=    IPsec-clients


# Phase 1 peer sections
#######################

[ISAKMP-clients]
Phase=                  1
Transport=              udp
Configuration=          main-mode
ID=                     my-ID

[my-ID]
ID-type=                FQDN
Name=                   mrtg.cellnetwork.com

# Phase 2 sections
##################

[IPsec-clients]
Phase=                  2
Configuration=          quick-mode
Local-ID=               default-route
Remote-ID=              dummy-remote

[default-route]
ID-type=        IPV4_ADDR_SUBNET
Network=        192.168.140.0
Netmask=        255.255.255.0

[dummy-remote]
ID-type=        IPV4_ADDR
Address=        0.0.0.0

#[x509-certificates]
#CA-directory=  /etc/isakmpd/ca/
#Cert-directory=        /etc/isakmpd/certs/
#Private-key=   /etc/isakmpd/private/local.key

# Transform descriptions
########################
#
# For Main Mode:
#   {DES,BLF,3DES,CAST}-{MD5,SHA}[-{DSS,RSA_SIG}]
#
# For Quick Mode:
#   QM-{ESP,AH}[-TRP]-{DES,3DES,CAST,BLF,AES}[-{MD5,SHA,RIPEMD}][-PFS]-SUITE

# Main -and quick mode transforms

[main-mode]
DOI=IPSEC
EXCHANGE_TYPE=ID_PROT
Transforms=BLF-SHA-RSA_SIG

[quick-mode]
DOI=IPSEC
EXCHANGE_TYPE=QUICK_MODE
Suites=QM-ESP-AES-SHA-SUITE