Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
RACOON(8)		  BSD System Manager's Manual		     RACOON(8)

NAME
     racoon -- IKE (ISAKMP/Oakley) key management daemon

SYNOPSIS
     racoon [-46BdFLVv]	[-f configfile]	[-l logfile] [-P isakmp-natt-port]
	    [-p	isakmp-port]

DESCRIPTION
     racoon speaks the IKE (ISAKMP/Oakley) key management protocol, to estab-
     lish security associations	with other hosts.  The SPD (Security Policy
     Database) in the kernel usually triggers racoon.  racoon usually sends
     all informational messages, warnings and error messages to	syslogd(8)
     with the facility LOG_DAEMON and the priority LOG_INFO.  Debugging	mes-
     sages are sent with the priority LOG_DEBUG.  You should configure
     syslog.conf(5) appropriately to see these messages.

     -4

     -6	     Specify the default address family	for the	sockets.

     -B	     Install SA(s) from	the file which is specified in racoon.conf(5).

     -d	     Increase the debug	level.	Multiple -d arguments will increase
	     the debug level even more.

     -F	     Run racoon	in the foreground.

     -f	configfile
	     Use configfile as the configuration file instead of the default.

     -L	     Include file_name:line_number:function_name in all	messages.

     -l	logfile
	     Use logfile as the	logging	file instead of	syslogd(8).

     -P	isakmp-natt-port
	     Use isakmp-natt-port for NAT-Traversal port-floating.  The	de-
	     fault is 4500.

     -p	isakmp-port
	     Listen to the ISAKMP key exchange on port isakmp-port instead of
	     the default port number, 500.

     -V	     Print racoon version and compilation options and exit.

     -v	     This flag causes the packet dump be more verbose, with higher de-
	     bugging level.

     racoon assumes the	presence of the	kernel random number device rnd(4) at
     /dev/urandom.

RETURN VALUES
     The command exits with 0 on success, and non-zero on errors.

FILES
     /etc/racoon.conf  default configuration file.

SEE ALSO
     ipsec(4), racoon.conf(5), syslog.conf(5), setkey(8), syslogd(8)

HISTORY
     The racoon	command	first appeared in the "YIPS" Yokogawa IPsec implemen-
     tation.

SECURITY CONSIDERATIONS
     The use of	IKE phase 1 aggressive mode is not recommended,	as described
     in	http://www.kb.cert.org/vuls/id/886601.

BSD			       January 23, 2009				   BSD

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | FILES | SEE ALSO | HISTORY | SECURITY CONSIDERATIONS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=racoon&sektion=8&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help