Subject: Re: ipsec help? trying to tunnel to freeswan
To: Ken Raeburn <raeburn@raeburn.org>
From: Darren Reed <darrenr@reed.wattle.id.au>
List: tech-net
Date: 11/10/2001 12:54:31
In some email I received from Ken Raeburn, sie wrote:
> Bill Studenmund <wrstuden@netbsd.org> writes:
> 
> > You should look specifically at racoon and isakmpd. I prefer racoon, but
> > these are the two programs (in pkgsrc) that handle key negotiation. I
> > *think* they can add and remove policies too.
> 
> I have; that's where I found all the references to "put your
> pre-shared secret key here" type stuff that seems to assume a
> different setup than the one I have to talk to.  Maybe they just don't
> support this mode, but I am not familiar enough with IPsec yet to
> ascertain that with any confidence.

if you download the KAME update for NetBSD,
/usr/local/v6/etc/psk.txt

I've found racoon documentation far superior to that for isakmpd.
racoon is also much much easier to configure and seemingly more flexible.