I have now managed to get the whole thing working with x509 keys...
This all works if I use two public IP addresses.
If my client, however, is behind a NATing gateway, the whole thing falls
over.
I am running XP sp 2 and have enabled
AssumeUDPEncapsulationContextOnSendRule.
I have also added the following lines to my racoon.conf...
isakmp_natt a.b.c.d [4500];
and
nat_traversal force;
but this still doesn't seem to want to force natt - doing tcpdumps, I do
not see Windows try and connect to port 4500 udp - what am I doing wrong?
Thanks
Andrew
Have you taken a look at http://www.ipsec-howto.org/ ? It's a pretty
good (IMHO) and hands-on HOWTO that contains example configuration files
for isakmpd and racoon.