OpenForum RSS: �� racoon �� VPN FreeBSD D-Link DI-804HV

�� racoon �� VPN FreeBSD D-Link DI-804HV (Sergey)

Fri, 11 Dec 2009 22:35:51 GMT

>�� ?
>�� , �� ?
>
>�� . �� , �
>�� .
>�� .

�� , �� , �� .

�� .

�� racoon �� VPN FreeBSD D-Link DI-804HV (FatCat71)

Tue, 26 May 2009 07:55:01 GMT

�� ?
�� , �� ?

�� . �� , � �� .
�� .

�� racoon �� VPN FreeBSD D-Link DI-804HV (Vel)

Mon, 04 Dec 2006 15:19:30 GMT

>>��, �� dh_group �� .
>>�.�. � �� , �� .
>
>�� , �� :
>racoon.conf
>path include "/usr/local/etc/racoon" ;
>path pre_shared_key "/usr/local/etc/racoon/psk.txt" ;
>#path certificate "/usr/local/etc/cert" ; (�� )
>
>log notify;
>
>padding
>{
> maximum_length 20;
> # maximum padding length.
> randomize off;
> # enable randomize length.
>
> strict_check off;
> # enable strict check.
> exclusive_tail off;
> # extract last one octet.
>}
>
>listen
>{
> #isakmp ::1 [7000];
> isakmp XX.XX.XX.XX [500];
> #admin [7002];
> # administrative's port by
>kmpstat.
> #strict_address;
> # required all addresses must be bound.
>
>}
>
>timer
>{
> # These value can
>be changed per remote

�� racoon �� VPN FreeBSD D-Link DI-804HV (Vel)

Mon, 04 Dec 2006 13:59:39 GMT

�� !��, ��.
Linux Gentoo 2006.1, 2.6.18.2 �� IPSe� ��.

racoon -F -v -f /etc/racoon/racoon.conf -l /var/log/racoon.log
Foreground mode.
2006-12-04 16:51:32: INFO: @(#)ipsec-tools 0.6.3 (http://ipsec-tools.sourceforge.net)
2006-12-04 16:51:32: INFO: @(#)This product linked OpenSSL 0.9.7j 04 May 2006 (http://www.openssl.org/)
2006-12-04 16:51:32: WARNING: /etc/racoon/racoon.conf:44: "support_mip6" it is obsoleted. use "support_proxy".
2006-12-04 16:51:32: INFO: XXX.XXX.XXX.XXX[500] used as isakmp port (fd=5)
2006-12-04 16:51:32: INFO: XXX.XXX.XXX.XXX[500] used for NAT-T
�� 500-�� ? �� ?

�� racoon �� VPN FreeBSD D-Link DI-804HV (deMan)

Wed, 14 Jun 2006 09:50:28 GMT

�� . � �� "��", �� , �� , �� , �� , �� .
�� .�.
� racoon.log:
2006-06-14 12:35:28: INFO: 213.179.229.241[500] used as isakmp port (fd=4)
2006-06-14 12:35:36: INFO: respond new phase 1 negotiation: �.�.�.�[500]<=>Y.Y.Y.Y[500]
2006-06-14 12:35:36: INFO: begin Identity Protection mode.
2006-06-14 12:35:36: WARNING: SPI size isn't zero, but IKE proposal.
2006-06-14 12:36:17: ERROR: ignore information because ISAKMP-SA has not been established yet.
2006-06-14 12:36:41: ERROR: none message must be encrypted
2006-06-14 12:37:22: ERROR: none message must be encrypted
2006-06-14 12:37:37: ERROR: phase1 negotiation failed due to time up. c8f84c905f698ecf:1829832c5821bf73

��:
racoon.conf
path include "/usr/local/etc/racoon" ;
path pre_shared_key "/usr/local/etc/racoon/psk.txt" ;
#path certificate "/usr/local/etc/cert" ;

�� racoon �� VPN FreeBSD D-Link DI-804HV (deMan)

Wed, 07 Jun 2006 09:12:25 GMT

>��, �� dh_group �� .
>�.�. � �� , �� .

�� , �� :
racoon.conf
path include "/usr/local/etc/racoon" ;
path pre_shared_key "/usr/local/etc/racoon/psk.txt" ;
#path certificate "/usr/local/etc/cert" ; (�� )
log notify;

padding
{
maximum_length 20; # maximum padding length.
randomize off; # enable randomize length.
strict_check off; # enable strict check.
exclusive_tail off; # extract last one octet.
}

listen
{
#isakmp ::1 [7000];
isakmp XX.XX.XX.XX [500];
#admin [7002]; # administrative's port by kmpstat.
#strict_address; # required all addresses must be bound.
}

timer
{
# These value can be changed per remote node.
counter 5; # maximum trying count to

�� racoon �� VPN FreeBSD D-Link DI-804HV (RK)

Wed, 07 Jun 2006 08:17:37 GMT

>racoon �� :
>�� "��" VPN � �� :
># /usr/local/sbin/racoon -F -v -f /etc/racoon.conf -l /var/log/racoon.log
>Foreground mode.
> 2006-06-07 09:39:53: INFO: @(#)ipsec-tools 0.6.5 (http://ipsec-tools.sourceforge.net)
> 2006-06-07 09:39:53: INFO: @(#)This product linked OpenSSL 0.9.7d 17 Mar 2004
>(http://www. openssl.org/)
> 2006-06-07 09:39:53: WARNING: /etc/racoon.conf:65: "support_mip6" it is obsoleted. use
> "support_proxy".
> 2006-06-07 09:39:53: INFO: X.X.X.X[500] used as isakmp port (fd=4)
> 2006-06-07 09:44:25: INFO: respond new phase 1 negotiation: X.X.X.X[500]<=>Y.Y.Y.Y[500]
> 2006-06-07 09:44:25: INFO: begin Identity Protection mode.
> 2006-06-07 09:44:25: WARNING: SPI size isn't zero, but IKE proposal.
> 2006-06-07 09:44:25: ERROR: rejected dh_group: DB(prop#1:trns#1):Peer(prop#1:trns#1) = 768-bit MODP
>group:1024-bit MODP group
> 2006-06-07 09:44:25: ERROR: no suitable proposal found.
> 2006-06-07 09:44:25: ER

�� racoon �� VPN FreeBSD D-Link DI-804HV (deMan)

Wed, 07 Jun 2006 07:53:49 GMT

racoon �� :
�� "��" VPN � �� :
# /usr/local/sbin/racoon -F -v -f /etc/racoon.conf -l /var/log/racoon.log
Foreground mode.
2006-06-07 09:39:53: INFO: @(#)ipsec-tools 0.6.5 (http://ipsec-tools.sourceforge.net)
2006-06-07 09:39:53: INFO: @(#)This product linked OpenSSL 0.9.7d 17 Mar 2004 (http://www. openssl.org/)
2006-06-07 09:39:53: WARNING: /etc/racoon.conf:65: "support_mip6" it is obsoleted. use "support_proxy".
2006-06-07 09:39:53: INFO: X.X.X.X[500] used as isakmp port (fd=4)
2006-06-07 09:44:25: INFO: respond new phase 1 negotiation: X.X.X.X[500]<=>Y.Y.Y.Y[500]
2006-06-07 09:44:25: INFO: begin Identity Protection mode.
2006-06-07 09:44:25: WARNING: SPI size isn't zero, but IKE proposal.
2006-06-07 09:44:25: ERROR: rejected dh_group: DB(prop#1:trns#1):Peer(prop#1:trns#1) = 768-bit MODP group:1024-bit MODP group
2006-06-07 09:44:25: ERROR: no suitable proposal found.
2006-06-07 09:44:25: ERROR: failed to get valid proposal.

�� racoon �� VPN FreeBSD D-Link DI-804HV (deMan)

Mon, 05 Jun 2006 12:04:12 GMT

��
pool# racoon -F
Foreground mode.
2006-06-05 15:10:24: INFO: @(#)ipsec-tools 0.6.5 (http://ipsec-tools.sourceforge.net)
2006-06-05 15:10:24: INFO: @(#)This product linked OpenSSL 0.9.7d 17 Mar 2004 (http://www.openssl.org/)
racoon: failed to parse configuration file.
2006-06-05 15:10:24: ERROR: glob found no matches for pathpool#

OpenForum RSS: �������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (Sergey)

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (FatCat71)

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (Vel)

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (Vel)

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (deMan)

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (deMan)

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (RK)

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (deMan)

�������� � racoon ��� ��������� VPN FreeBSD D-Link DI-804HV (deMan)

OpenForum RSS: �� racoon �� VPN FreeBSD D-Link DI-804HV

�� racoon �� VPN FreeBSD D-Link DI-804HV (Sergey)

�� racoon �� VPN FreeBSD D-Link DI-804HV (FatCat71)

�� racoon �� VPN FreeBSD D-Link DI-804HV (Vel)

�� racoon �� VPN FreeBSD D-Link DI-804HV (Vel)

�� racoon �� VPN FreeBSD D-Link DI-804HV (deMan)

�� racoon �� VPN FreeBSD D-Link DI-804HV (deMan)

�� racoon �� VPN FreeBSD D-Link DI-804HV (RK)

�� racoon �� VPN FreeBSD D-Link DI-804HV (deMan)

�� racoon �� VPN FreeBSD D-Link DI-804HV (deMan)