Subject: Re: racoon -- AUTH must be present for ESP
To: Jun-ichiro itojun Hagino <itojun@itojun.org>
From: Jay Nelson <jnelson@newsstand.com>
List: current-users
Date: 10/22/2003 10:15:25

On Wed, Oct 22, 2003 at 11:51:26AM +0900, Jun-ichiro itojun Hagino wrote:
> > > 	try removing "non_auth" from "sainfo" clause in racoon.conf.
> > > 	if it fixes the issue, it is a racoon problem (it should skip the
> > > 	combination of no-esp and no-auth).
> > 
> > That solved the problem, but now raises the question, "is the
> > connection encrypted?" I guess I'll have to do a little digging.
> > Thanks for your help.
> 
> 	remove "null_enc" if you want to be sure that it's encrypted.

Thanks. Actually, it was encrypted, but removing the flag is a good
idea.
 
> 	btw, are you using racoon vs racoon, or racoon vs some other
> 	implementation?

It's racoon on my end connecting to a Cisco PIX firewall (OS v. 5.3.1)
on the other, if that's what you mean. When I originally set up the
tunnel I was rather blindly following what our network guru told
me to do.  So beyond checking that it was really encrypted, I didn't
look much deeper:)

Racoon has worked quite well for nearly three years. I'm happy with
it. I appreciate your efforts.

-- jay
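
The advice quoted in this message (drop "non_auth" and "null_enc" from the "sainfo" clause) can be checked mechanically. The following is an added example, not code from the thread or from the racoon project: it scans racoon.conf text and reports each sainfo clause that still offers either placeholder algorithm. The sample configuration is constructed and the function name `audit_sainfo` is hypothetical.

```python
import re

# Constructed sample racoon.conf fragment (not taken from the thread).
SAMPLE_CONF = """
# tunnel to the remote gateway
sainfo anonymous {
    pfs_group 2;
    lifetime time 1 hour;
    encryption_algorithm 3des, null_enc;
    authentication_algorithm hmac_sha1, non_auth;
    compression_algorithm deflate;
}
sainfo address 10.0.0.0/24 any address 10.0.1.0/24 any {
    encryption_algorithm 3des;
    authentication_algorithm hmac_sha1;
    compression_algorithm deflate;
}
"""

SAINFO_RE = re.compile(r"\bsainfo\s+([^{}]+?)\s*\{([^{}]*)\}")
STMT_RE = re.compile(r"(encryption_algorithm|authentication_algorithm)\s+([^;]+);")


def audit_sainfo(conf_text):
    """Return (sainfo_id, finding) pairs for clauses offering null_enc or non_auth."""
    text = re.sub(r"#[^\n]*", "", conf_text)  # drop comments before matching
    findings = []
    for ident, body in SAINFO_RE.findall(text):
        algs = {"encryption_algorithm": [], "authentication_algorithm": []}
        for key, values in STMT_RE.findall(body):
            algs[key] += [v.strip() for v in values.split(",")]
        null_enc = "null_enc" in algs["encryption_algorithm"]
        non_auth = "non_auth" in algs["authentication_algorithm"]
        if null_enc:
            findings.append((ident, "null_enc offered: ESP without encryption can be proposed"))
        if non_auth:
            findings.append((ident, "non_auth offered: ESP without authentication can be proposed"))
        if null_enc and non_auth:
            findings.append((ident, "both offered: proposals can include ESP with neither"))
    return findings


if __name__ == "__main__":
    for ident, finding in audit_sainfo(SAMPLE_CONF):
        print(f"sainfo {ident}: {finding}")
```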