Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Software
User Name
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.


  Search this Thread
Old 01-16-2016, 05:32 PM   #1
Registered: Oct 2009
Posts: 117

Rep: Reputation: 1
Linux Racoon IPSec Configuration Question


I have been trying to figure out how I can setup null encryption within IPSec for protocol testing. I was originally referred to StrongSwan but raccoon seemed simpler to use. I am currently testing on Debian 7.4.

My configuration file basically looks like this:

log notify;
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";

remote {
        exchange_mode main,aggressive;
        proposal {
                encryption_algorithm null_enc;
#                hash_algorithm sha1;
                authentication_method pre_shared_key;
#                dh_group 2;
        generate_policy off;

sainfo address any address any {
        pfs_group 2;
        lifetime time 1 hour;
        encryption_algorithm null_enc;
        authentication_algorithm hmac_md5;
        compression_algorithm deflate;

By changing encryption to des I can get IPSec to work. However, using null or null_enc I get error messages such as:

Jan 16 18:30:01 tester racoon: INFO: Reading configuration from "/etc/racoon/racoon.conf"
Jan 16 18:30:01 tester racoon: ERROR: /etc/racoon/racoon.conf:26: ";" algorithm mismatched 1
Jan 16 18:30:01 tester racoon: ERROR: fatal parse failure (1 errors)
I know I have Kernel module support for NULL encryption so at this point I don't know exactly what to do. Perhaps someone has some suggestions or comments?


Old 01-18-2016, 01:03 PM   #2
Registered: Oct 2009
Posts: 117

Original Poster
Rep: Reputation: 1
To answer my own post I could not get null encryption to work with raccoon. I actually went back to strongswan. Sure it seems more complex "to me it did at least" but it is actually even simpler to setup then raccoon and it just works. So my suggestion if anyone has the same problem stick with strong swan.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Troubleshooting INET Routing - Linux IPsec (Racoon) HQ to Cisco Router Remote Site cyberdeath Linux - Networking 0 10-25-2014 09:44 AM
[SOLVED] ipsec racoon etc bigearsbilly Linux - Networking 4 02-14-2013 06:13 AM
help with racoon/ipsec cizzi Linux - Security 1 10-25-2009 03:20 PM
Linux to cisco IPsec problems using Racoon. robalba Linux - Networking 2 12-05-2008 03:43 PM > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 02:54 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration