Racoon
Hello
I want to set up an IPsec connection using racoon. My configuration is
as follows. The B site runs RouterOS (MikroTik). No connection can be
established.
Note: IP addresses are shown as examples.
A site WAN: 1.1.1.1
A site LAN: 2.2.2.2
B site WAN: 3.3.3.3
B site LAN: 4.4.4.4
- A site config:
path pre_shared_key "/etc/racoon/psk.txt";
path certificate "/etc/racoon/certs";
remote 3.3.3.3 {
    exchange_mode main;
    initial_contact on;
    proposal_check obey;
    proposal {
        encryption_algorithm 3des;
        hash_algorithm md5;
        authentication_method pre_shared_key;
        dh_group modp1024;
    }
}
sainfo address 2.2.2.2/24 any address 4.4.4.4/24 any {
    lifetime time 24 hour;
    encryption_algorithm 3des;
    authentication_algorithm hmac_md5;
    compression_algorithm deflate;
    pfs_group modp1024;
}
================================
cat /etc/ipsec-tools.conf
#
spdadd 2.2.2.2/24 4.4.4.4/24 any -P out ipsec
    esp/tunnel/1.1.1.1-3.3.3.3/require;
spdadd 4.4.4.4/24 2.2.2.2/24 any -P out ipsec
    esp/tunnel/3.3.3.3-1.1.1.1/require;
===================================
cat psk.txt
xxxxxxx
============================
B site
/ip ipsec proposal
set [ find default=yes ] auth-algorithms=md5
/ip ipsec peer
add address=1.1.1.1/32 secret=xxxxx
/ip ipsec policy
add dst-address=2.2.2.2 sa-dst-address=1.1.1.1 \
sa-src-address=3.3.3.3 src-address=4.4.4.4 tunnel=yes
What do you think could be the problem?