Hi,
I am testing racoon IPsec between two Ubuntu machines. The SPD is populated correctly, but in the SAD only the outbound entry is present; there is no inbound entry.
This is my ipsec-tools.conf file on one of my machines:
## Flush the SAD and SPD
#
flush;
spdflush;
spdadd -6 2012::1 2012::2 any -P out ipsec
    esp/transport//require;
spdadd -6 2012::2 2012::1 any -P in ipsec
    esp/transport//require;
-------------------------------------------------
This is my racoon.conf file:
=============================
log notify;
path pre_shared_key "/etc/racoon/psk.txt";
#path certificate "/etc/racoon/certs";
remote 2012::2 {
    exchange_mode main;
    proposal {
        encryption_algorithm 3des;
        hash_algorithm sha1;
        authentication_method pre_shared_key;
        dh_group modp1024;
    }
    generate_policy off;
}
sainfo address 2012::1 any address 2012::2 any {
    pfs_group modp768;
    encryption_algorithm 3des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
}
This is my preshared key file, and I changed this file's mode to 600:
/etc/racoon/psk.txt
# IPv4/v6 addresses
2012::2 verysecret
While checking the SAD entries using the command setkey -D,
only the outbound entry is found; there is no inbound entry.
Please help me narrow down the issue.
Thanks,
Durga K