Manual Pages for UNIX Darwin command on man racoon
MyWebUniversity

Manual Pages for UNIX Darwin command on man racoon

RACOON(8) BSD System Manager's Manual RACOON(8)



NAME
     rraaccoooonn - IKE (ISAKMP/Oakley) key management daemon



SYNOPSIS
     rraaccoooonn [-4466BBddFFLLvv] [-ff configfile] [-ll logfile] [-PP isakmp-natt-port]

            [-pp isakmp-port]



DESCRIPTION
     rraaccoooonn speaks the IKE (ISAKMP/Oakley) key management protocol, to estab-

     lish security associations with other hosts.  The SPD (Security Policy
     Database) in the kernel usually triggers rraaccoooonn.  rraaccoooonn usually sends
     all informational messages, warnings and error messages to syslogd(8)

     with the facility LOGDAEMON and the priority LOGINFO.  Debugging mes-

     sages are sent with the priority LOGDEBUG.  You should configure
     syslog.conf(5) appropriately to see these messages.


     -44



     -66      Specify the default address family for the sockets.



     -BB      Install SA(s) from the file which is specified in racoon.conf(5).



     -dd      Increase the debug level.  Multiple -dd arguments will increase

             the debug level even more.


     -FF      Run rraaccoooonn in the foreground.



     -ff configfile

             Use configfile as the configuration file instead of the default.


     -LL      Include filename:linenumber:functionname in all messages.



     -ll logfile

             Use logfile as the logging file instead of syslogd(8).


     -PP isakmp-natt-port

             Use isakmp-natt-port for NAT-Traversal port-floating.  The

             default is 4500.


     -pp isakmp-port

             Listen to the ISAKMP key exchange on port isakmp-port instead of

             the default port number, 500.


     -vv      This flag causes the packet dump be more verbose, with higher

             debugging level.

     rraaccoooonn assumes the presence of the kernel random number device rnd(4) at
     /dev/urandom.


RETURN VALUES
     The command exits with 0 on success, and non-zero on errors.


FILES
     /private/etc/racoon/racoon.conf       default configuration file.

     /private/etc/racoon/remote/anonymous  default anonymous configuration

                                           file.

     /private/etc/racoon/psk.txt           default pre-shared key file.



SEE ALSO
     ipsec(4), racoon.conf(5), syslog.conf(5), setkey(8), syslogd(8)


HISTORY
     The rraaccoooonn command first appeared in the ``YIPS'' Yokogawa IPsec imple-

     mentation.

SSEECCUURRIITTYY CCOONNSSIIDDEERRAATTIIOONNSS
     The use of IKE phase 1 aggressive mode is not recommended, as described
     in http://www.kb.cert.org/vuls/id/886601.

BSD                            November 20, 2000                           BSD



Contact us      |      About us      |      Term of use      |       Copyright © 2000-2019 MyWebUniversity.com ™