Index of /ports_security/ipsec-tools
Name Last modified Size
![[DIR]](/icons/back.gif)
Parent Directory -
![[ ]](/icons/unknown.gif)
Makefile 28-May-2011 14:11 4.6K
distinfo 28-May-2011 14:11 144
![[DIR]](/icons/folder.gif)
files/ 28-May-2011 14:11 -
![[TXT]](/icons/text.gif)
pkg-descr 16-Aug-2006 18:00 873
pkg-plist 03-May-2006 20:01 1.4K
racoon speaks IKE (ISAKMP/Oakley) key management protocol, to
establish security association with other hosts.
This is the IPSec-tools version of racoon.
Enchancements:
- Support of NAT-T and IKE fragmentation.
- Support of many authentication algorithms.
- Tons of bugfixes.
Known issues:
- Non-threaded implementation. Simultaneous key negotiation performance
should be improved.
- Cannot negotiate keys for per-socket policy.
- Cryptic configuration syntax - blame IPsec specification too...
- Needs more documentation.
Design choice, not a bug:
- racoon negotiate IPsec keys only. It does not negotiate policy. Policy must
be configured into the kernel separately from racoon. If you want to
support roaming clients, you may need to have a mechanism to put policy
for the roaming client after phase 1 finishes.
WWW: http://ipsec-tools.sourceforge.net/