From: Philip B. <pbe...@mr...> - 2008-06-09 14:45:40
|
Hello, I am running racoon from ipsec-tools-0.7 on 2 linux hosts running 2.6.22. Does racoon support ESP Authentication in transport mode? Whatever configuration I try, the resulting Wireshark packet trace shows the "ESP SPI", the "ESP Sequence", and the encrypted IP payload only. It does not show the ESP Trailer, or the "ESP Authentication Trailer", which is supposed to be present if doing ESP Authentication. The following is the racoon.conf files used on both hosts: ## path pre_shared_key "/etc/psk.txt"; log info; remote anonymous { exchange_mode main; lifetime time 24 hour; proposal_check obey; proposal { encryption_algorithm 3des; hash_algorithm md5; authentication_method pre_shared_key; dh_group 2; } } sainfo anonymous { pfs_group 2; lifetime time 12 hour; encryption_algorithm 3des, aes; authentication_algorithm hmac_md5, hmac_sha1, hmac_sha256; compression_algorithm deflate; } Is there a parameter that I am missing to get the results I am looking for? Thanks, Phil Bellino Phil Bellino Software Engineer MRV Communications, Inc. 295 Foster Street Littleton, MA. 01460 Phone: 978-952-4807 Fax: 978-952-5444 Email: pbe...@mr... <http://www.mrv.com/> |