Subject: Re: racoon interoperability
To: None <>
From: None <>
List: tech-net
Date: 04/24/2002 11:30:01
>I've made IPSec interoperability test.
>Wish this information can be useful for us, 
>especially for racoon users.
>My PC runs NetBSD1.5.2 (i386) + racoon-20011215a
>BTW, I don't understand why NULL encryption fail to interoperate
>with other devices; although phase-1/phase-2 done and SA 
>established. Tcpdump receives ESP protocol at WAN interface,
>but no packet for LAN interface. 
>From sonicwall log, it shows...
>"phase-1 & phase-2 done; ipsec Authentication failed"
>Somebody knows? Any suggestions?

	the issue with NULL encryption is not racoon problem but kernel
	problem.  do you have any tcpdump trace during the test?  does
	the situation change if you turn on/off ESP authentication?
	(crypto checksum)
	btw, do other boxes interoperate with NULL encryption?