 From:  Christian Hollaender <christian dot hollaender at gmail dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  IPSec with w0n0wall
 Date:  Thu, 7 Jul 2005 17:19:10 +0200
Hi!

I am running version 1.2b9 and I can't see a racoon running. I use
the following ipsec configuration:

<ipsec>
                <enable/>
                <tunnel>
                        <interface>opt1</interface>
                        <local-subnet>
                                <network>lan</network>
                        </local-subnet>
                        <remote-subnet>192.168.1.0/24</remote-subnet>
                        <remote-gateway>192.168.100.253</remote-gateway>
                        <p1>
                                <mode>aggressive</mode>
                                <myident>
                                        <address>192.168.100.253</address>
                                </myident>
                                <encryption-algorithm>3des</encryption-algorithm>
                                <hash-algorithm>sha1</hash-algorithm>
                                <dhgroup>2</dhgroup>
                                <lifetime/>
                                <pre-shared-key/>
                                <private-key>[our private key]</private-key>
                                <cert>[Here is a certificate]</cert>
                                <peercert/>
                                <authentication_method>rsasig</authentication_method>
                        </p1>
                        <p2>
                                <protocol>esp</protocol>
                                <encryption-algorithm-option>3des</encryption-algorithm-option>
                                <encryption-algorithm-option>blowfish</encryption-algorithm-option>
                                <encryption-algorithm-option>cast128</encryption-algorithm-option>
                                <encryption-algorithm-option>rijndael</encryption-algorithm-option>
                                <hash-algorithm-option>hmac_sha1</hash-algorithm-option>
                                <hash-algorithm-option>hmac_md5</hash-algorithm-option>
                                <pfsgroup>0</pfsgroup>
                                <lifetime/>
                        </p2>
                        <descr>J Router</descr>
                </tunnel>
                <cacert>
                        <ident>own</ident>
                        <cert>[Here is a certificate]</cert>
                </cacert>
        </ipsec>

What else do I need to get the racoon running?

thanks in advance

Christian