Racoon with Raptor
Wayne Pascoe
freebsd at penguinpowered.org.uk
Tue Jul 1 03:08:22 PDT 2003
Hi all,
I'm setting up a VPN between a FreeBSD box and a raptor box. I'm having
some issues with racoon not exchanging keys correctly though.
I'm getting the following error when I run racoon in the foreground:
2003-07-01 11:05:58: ERROR: isakmp.c:1776:isakmp_chkph1there(): phase2
negotiation failed due to time up waiting for phase1. ESP
213.xx.xx.226->213.xx.xx.135
226 is the Raptor machine and 135 is our FreeBSD machine.
The raptor admin has said to use md5 as the hash algorithym and des as
the encryption algo. I have the following in my config file:
proposal {
encryption_algorithm des;
hash_algorithm md5;
authentication_method pre_shared_key;
dh_group 2 ;
}
sainfo anonymous
{
pfs_group 1;
lifetime time 10 min;
encryption_algorithm des;
authentication_algorithm hmac_md5;
compression_algorithm deflate ;
}
I've tried aggressive, main and base as my exchange mode.
Anyone got any ideas about this ?
Thanks,
--
Wayne Pascoe
More information about the freebsd-questions
mailing list