Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
RACOON(8)		FreeBSD	System Manager's Manual		     RACOON(8)

NAME
     racoon -- IKE (ISAKMP/Oakley) key management daemon

SYNOPSIS
     racoon [-46BdFLVv]	[-f configfile]	[-l logfile] [-P isakmp-natt-port]
	    [-p	isakmp-port]

DESCRIPTION
     racoon speaks the IKE (ISAKMP/Oakley) key management protocol, to estab-
     lish security associations	with other hosts.  The SPD (Security Policy
     Database) in the kernel usually triggers racoon.  racoon usually sends
     all informational messages, warnings and error messages to	syslogd(8)
     with the facility LOG_DAEMON and the priority LOG_INFO.  Debugging	mes-
     sages are sent with the priority LOG_DEBUG.  You should configure
     syslog.conf(5) appropriately to see these messages.

     -4

     -6	     Specify the default address family	for the	sockets.

     -B	     Install SA(s) from	the file which is specified in racoon.conf(5).

     -d	     Increase the debug	level.	Multiple -d arguments will increase
	     the debug level even more.

     -F	     Run racoon	in the foreground.

     -f	configfile
	     Use configfile as the configuration file instead of the default.

     -L	     Include file_name:line_number:function_name in all	messages.

     -l	logfile
	     Use logfile as the	logging	file instead of	syslogd(8).

     -P	isakmp-natt-port
	     Use isakmp-natt-port for NAT-Traversal port-floating.  The
	     default is	4500.

     -p	isakmp-port
	     Listen to the ISAKMP key exchange on port isakmp-port instead of
	     the default port number, 500.

     -V	     Print racoon version and compilation options and exit.

     -v	     This flag causes the packet dump be more verbose, with higher
	     debugging level.

     racoon assumes the	presence of the	kernel random number device rnd(4) at
     /dev/urandom.

RETURN VALUES
     The command exits with 0 on success, and non-zero on errors.

FILES
     /etc/racoon.conf  default configuration file.

SEE ALSO
     ipsec(4), racoon.conf(5), syslog.conf(5), setkey(8), syslogd(8)

HISTORY
     The racoon	command	first appeared in the ``YIPS'' Yokogawa	IPsec imple-
     mentation.

SECURITY CONSIDERATIONS
     The use of	IKE phase 1 aggressive mode is not recommended,	as described
     in	http://www.kb.cert.org/vuls/id/886601.

FreeBSD	Ports 11.2	       January 23, 2009		    FreeBSD Ports 11.2

NAME | SYNOPSIS | DESCRIPTION | RETURN VALUES | FILES | SEE ALSO | HISTORY | SECURITY CONSIDERATIONS

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=racoon&sektion=8&manpath=FreeBSD+12.0-RELEASE+and+Ports>

home | help