Subject: Re: Fixed arp entry for WaveLan?
To: Wolfgang Rupprecht <firstname.lastname@example.org>
From: None <email@example.com>
Date: 02/22/2000 11:45:26
>This doesn't provide any security because the '/use' indicates it is
>optional. When I change to '/require' all communication stops.
>When actually using this with racoon, it will run for 10 minutes or so
>and then I get 1-2minute hangs that eventually unwedge under a barrage
>of pings. I also see racoon spit out diagnostics that to my untrained
>eye don't look too encouraging.
Please make sure the following things (for both sides):
- have peer's ip addrss, and secret key, into psk.txt
- make sure to have "remote" entry for the peer, in remote.conf
- make sure to have "policy" entry for the peer, in policy.conf
- don't use symbolic name "high" or "normal" in remote.conf or
policy.conf (we have bug in there - will fix sample config files)
If it still does not work, please run
# racoon -f configfile -d 0xffffffff
on both sides and send off the whole output to me privately.
I agree racoon configuration files are too cryptic. I hope to address
>Is anyone already using ipsec and possibly isakmp on their wireless
there should be no difference between "isakmp on wireless"
and "isakmp on ethernet"...