/etc/racoon/racoon.conf

path certificate "/etc/racoon/certs";
path pre_shared_key "/etc/racoon/psk.txt";
path script "/etc/racoon/scripts";

remote anonymous {
        exchange_mode main;
        my_identifier fqdn "vpn.wolfwings.us"

        certificate_type x509 "vpn.wolfwings.us.crt" "vpn.wolfwings.us.key";
        ca_type x509 "ca.crt";

        passive on;
        generate_policy on;
        nat_traversal force;

        proposal {
                encryption_algorithm aes;
                hash_algorithm sha1;
                authentication_method rsasig;
                dh_group 14;
        };
};

sainfo anonymous {
        encryption_algorithm aes;
        authentication_algorithm hmac_sha1;
        compression_algorithm deflate;
};

/etc/racoon/psk.txt (passphrase starred out obviously)

drakonidae.wolfwings.us ********

I have only the ca.crt, vpn.wolfwings.us.crt, and vpn.wolfwings.us.key files in the /etc/racoon/certs directory, all of which openssl verifies as correct:

ca.crt details:
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            ec:1a:76:04:38:c6:08:75
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, ST=Missouri, L=Kansas City, O=WolfWings, OU=Drakonidae, CN=VPN CA
        Validity
            Not Before: Jul  8 00:01:18 2011 GMT
            Not After : Jul  7 00:01:18 2012 GMT
        Subject: C=US, ST=Missouri, L=Kansas City, O=WolfWings, OU=Drakonidae, CN=VPN CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption

vpn.wolfwings.us.crt details:
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
        Signature Algorithm: shaWithRSAEncryption
        Issuer: C=US, ST=Missouri, L=Kansas City, O=WolfWings, OU=Drakonidae, CN=VPN CA
        Validity
            Not Before: Jul  8 00:01:22 2011 GMT
            Not After : Jul  7 00:01:22 2012 GMT
        Subject: C=US, ST=Missouri, L=Kansas City, O=WolfWings, OU=Drakonidae, CN=vpn.wolfwings.us
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption

And looking at the source code, I realize racoon isn't being told anything more than 'parse failed' but could someone help tell me what I missed here? I don't see any typos, but this is the most utterly useless error message here. :/

- Wolf