Pb emission trames RACOON

Bonjour

J’ai configuré RACOON et je lance la commande.
Rien n’est émis en ligne.

Avez vous une idée ? firewall ??? mauvaise config ??? bug ???

Merci pour votre aide

Jacques

ipsec-tools.conf

#!/usr/sbin/setkey -f
spdadd 192.168.10.0/24 192.168.20.0/24 any -P out ipsec esp/tunne/46.105.10.133-2.4.217.1$
spdadd 192.168.20.0/24 192.168.10.0/24 any -P in ipsec esp/tunnel/2.4.217.193-46.105.10.$

psk.txt:

2.4.217.193 32153215

racoon.conf:

path pre_shared_key “/etc/racoon/psk.txt”;

remote 2.4.217.193 {
exchange_mode main,aggressive;
proposal {
encryption_algorithm 3des;
hash_algorithm sha1;
authentication_method pre_shared_key;
dh_group modp1024;
}
generate_policy off;
}

sainfo address 192.168.203.10 any address 192.168.22.0/24 any {
pfs_group modp768;
encryption_algorithm 3des;
authentication_algorithm hmac_md5;
compression_algorithm deflate;
}

la commande:

racoon -f /etc/racoon/racoon.conf -F -d

	ce qui s'affiche :

Foreground mode.
2012-03-09 09:43:55: INFO: @(#)ipsec-tools 0.7.1 (ipsec-tools.sourceforge.net)
2012-03-09 09:43:55: INFO: @(#)This product linked OpenSSL 0.9.8k 25 Mar 2009 ($
2012-03-09 09:43:55: INFO: Reading configuration from "/etc/racoon/racoon.conf"
2012-03-09 09:43:55: DEBUG: call pfkey_send_register for AH
2012-03-09 09:43:55: DEBUG: call pfkey_send_register for ESP
2012-03-09 09:43:55: DEBUG: call pfkey_send_register for IPCOMP
2012-03-09 09:43:55: INFO: Resize address pool from 0 to 255
2012-03-09 09:43:55: DEBUG: reading config file /etc/racoon/racoon.conf
2012-03-09 09:43:55: DEBUG: hmac(modp1024)
2012-03-09 09:43:55: DEBUG: compression algorithm can not be checked because sadb message $
2012-03-09 09:43:55: DEBUG: getsainfo params: loc=‘192.168.203.10’, rmt=‘192.168.22.0/24’,$
2012-03-09 09:43:55: DEBUG: getsainfo pass #2
2012-03-09 09:43:55: DEBUG: open /var/run/racoon/racoon.sock as racoon management.
2012-03-09 09:43:55: DEBUG: my interface: fe80::2eff:fe69:a85%eth0 (eth0)
2012-03-09 09:43:55: DEBUG: my interface: ::1 (lo)
2012-03-09 09:43:55: DEBUG: my interface: 46.105.10.133 (eth0)
2012-03-09 09:43:55: DEBUG: my interface: 127.0.0.1 (lo)
2012-03-09 09:43:55: DEBUG: configuring default isakmp port.
2012-03-09 09:43:55: DEBUG: 4 addrs are configured successfully
2012-03-09 09:43:55: INFO: 127.0.0.1[500] used as isakmp port (fd=6)
2012-03-09 09:43:55: INFO: 127.0.0.1[500] used for NAT-T
2012-03-09 09:43:55: INFO: 46.105.10.133[500] used as isakmp port (fd=7)
2012-03-09 09:43:55: INFO: 46.105.10.133[500] used for NAT-T
2012-03-09 09:43:55: INFO: ::1[500] used as isakmp port (fd=8)
2012-03-09 09:43:55: INFO: fe80::2eff:fe69:a85%eth0[500] used as isakmp port (fd=9)
2012-03-09 09:43:55: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:55: DEBUG: get pfkey X_SPDDUMP message
2012-03-09 09:43:55: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:55: DEBUG: get pfkey X_SPDDUMP message
2012-03-09 09:43:55: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:55: DEBUG: get pfkey X_SPDDUMP message
2012-03-09 09:43:55: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:55: DEBUG: get pfkey X_SPDDUMP message
2012-03-09 09:43:55: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:55: DEBUG: get pfkey X_SPDDUMP message
2012-03-09 09:43:55: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:55: DEBUG: get pfkey X_SPDDUMP message
2012-03-09 09:43:55: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:55: DEBUG: get pfkey X_SPDDUMP message
2012-03-09 09:43:55: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:55: DEBUG: get pfkey X_SPDDUMP message
2012-03-09 09:43:59: INFO: caught signal 2
2012-03-09 09:43:59: DEBUG: pk_recv: retry[0] recv()
2012-03-09 09:43:59: DEBUG: get pfkey FLUSH message
2012-03-09 09:44:00: DEBUG: call pfkey_send_dump
2012-03-09 09:44:00: DEBUG: pk_recv: retry[0] recv()