racoon ipsec enable machin not able to ping each other
 

hi all

i have two laptop of ip-address --10.114.12.27 & 10.114.12.28.
i have install ipsec-tools & racoon on both laptop.
i m using ubuntu os.

now i want to use automatic keying by racoon.
for this i have put these lines in /etc/racoon/racoon.conf

path pre_shared_key "/etc/racoon/psk.txt";

remote anonymous
{
exchange_mode aggressive,main;
doi ipsec_doi;
situation identity_only;

my_identifier address;

lifetime time 2 min; # sec,min,hour
initial_contact on;
proposal_check obey; # obey, strict or claim

proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group 2 ;
}
}

sainfo anonymous
{
pfs_group 1;
lifetime time 2 min;
encryption_algorithm 3des ;
authentication_algorithm hmac_sha1;
compression_algorithm deflate ;
}

and my psk.txt of 10.114.12.28 having this:
10.114.12.27 cedt1234

and my psk.txt of 10.114.12.27 having this:
10.114.12.28 cedt1234

and /etc/ipsec-tools.conf have these line On host 10.114.12.27:

#!/sbin/setkey -f
flush;
spdflush;

spdadd 10.114.12.27 10.114.12.28 any -P out ipsec
esp/transport//require;

spdadd 10.114.12.27 10.114.12.28 any -P in ipsec
esp/transport//require;


and when i usint "racoon -F" and try to ping these two laptop , it is not pinging at all.

and alse "racoon -F" does not show any ESP and AH

plz help me .......i am new in this ipsec security.

What you're working with is very involved. You should read this: http://www.ipsec-howto.org/x304.html