Seth Woolley's Man Viewer

Manual for racoon - man racoon

([section] manual, -k keyword, -K [section] search, -f whatis)
man plain no title 

RACOON(8)                 BSD System Manager's Manual                RACOON(8)

NAME
     racoon(5,8) -- IKE (ISAKMP/Oakley) key management daemon

SYNOPSIS
     racoon(5,8) [-BFvdL46] [-f configfile] [-l logfile] [-p isakmp-port]
            [-P isakmp-natt-port]

DESCRIPTION
     racoon(5,8) speaks IKE (ISAKMP/Oakley) key management protocol, to establish
     security association with other hosts.  SPD (Security Policy Database) in(1,8)
     the kernel usually triggers to start racoon(5,8).  racoon(5,8) usually sends all of
     informational messages, warnings and error(8,n) messages to syslogd(8) with
     the facility LOG_DAEMON, the priority LOG_INFO.  Debugging messages are
     sent with the priority LOG_DEBUG.  You should configure syslog.conf(5)
     appropriately to see these messages.

     -B      Install SA(s) from the file(1,n) which is specified in(1,8) racoon.conf(5).

     -F      Run racoon(5,8) in(1,8) the foreground.

     -f configfile
             Use configfile as the configuration file(1,n) instead of the default.

     -l logfile
             Use logfile as the logging file(1,n) instead of syslogd(8).

     -p isakmp-port
             Listen to ISAKMP key exchange on port isakmp-port instead of the
             default port number, 500.

     -P isakmp-natt-port
             Use isakmp-natt-port for NAT-Traversal port-floating. The default
             is 4500.

     -v      The flag causes the packet dump be more verbose, with higher
             debugging level.

     -d      Increase the debug level.  Multiple -d will increase the debug
             level even more.

     -L      Include file_name:line_number:fuction_name location in(1,8) all mes-
             sages.

     -4

     -6      Specifies the default address family for the sockets.

     racoon(5,8) assumes the presence of kernel random(3,4,6) number device rnd(4) at
     /dev/urandom.  Informational messages are labeled info(1,5,n), and debugging
     messages are labeled debug.  You have to configure syslog.conf(5) if(3,n) you
     want to see them in(1,8) a logging file.

RETURN VALUES
     The command exits with 0 on success, and non-zero on errors.

FILES
     /usr/local/v6/etc/racoon.conf  default configuration file.

SEE ALSO
     ipsec(5,8)(4), racoon.conf(5), syslog.conf(5), setkey(8), syslogd(8)

HISTORY
     The racoon(5,8) command first appeared in(1,8) ``YIPS'' Yokogawa IPsec implementa-
     tion.

SECURITY CONSIDERATIONS
     The use of IKE phase 1 aggressive mode is not recommended, as describved
     in(1,8) http://www.kb.cert.org/vuls/id/886601.

KAME                           November 20, 2000                          KAME

References for this manual (incoming links)