Racoon IPSec configuration

For Developers
#1

Hi,

We try to use Racoon IPsec package in our project. I have included following packages via menuconfig

  • ipsec-tools: racoon, setkey, and kernel encryption modules
  • kmod-crypto-authenc: Module for block cipher modes (AEAD) (automatically installed with ipsec-tools in latest trunk)
  • kmod-ipsec: Basic security module (automatically installed with ipsec-tools in latest trunk)
  • kmod-ipsec4: IPv4 security module
  • kmod-ipsec6: IPv6 security module
  • ip: Required to make scripting easier
  • openssl-util: Certificate handling
  • iptables-mod-nat-extra: For VPN networks with overlapping IP addresses
  • ip6tables: IPv6 firewall support

Two things are observed:

  1. I did not find any config file in this path /etc/config/racoon. I have seen "config file" in this path /etc/racoon.conf

  2. /etc/init.d/racoon,
    it seems,this racoon start script is incomplete. I mean, if /etc/init.d/racoon start is not working

cat /etc/init.d/racoon
#!/bin/sh /etc/rc.common

USE_PROCD=1

START=49

start_service() {

mkdir -m 0700 -p /var/racoon

[ -f /etc/ipsec.conf ] && /usr/sbin/setkey -f /etc/ipsec.conf

procd_open_instance

procd_set_param command /usr/sbin/racoon -F -f /etc/racoon.conf

procd_set_param respawn

procd_close_instance

}

Please help me, to setup racoon openwrt

Thanks,
Durga K