Date: Fri, 7 Nov 2003 09:23:21 +0000
From: Matthew Faircliff
To: Doug Poland
cc: questions@freebsd.org
Subject: Re: racoon configuration syntax errors

Hello,

It looks as though your sainfo line (99) is incorrect. I assume that you blanked out the actual ip with A.A.A.A?

As per the racoon.conf.dist, an sainfo entry should have the following syntax:

    sainfo address 203.178.141.209 any address 203.178.141.218 any

That is, the security association info for 203.178.141.209 (any port) and 203.178.141.218 (any port) follows....

You cannot just have one ip address as this does not create a 1 to 1 mapping.
Should you wish to use those settings for a global sa, use:

    sainfo anonymous

HTH.

Matt.

On Thu, Nov 06, 2003 at 01:17:14PM -0600, Doug Poland wrote:
> Date: Thu, 6 Nov 2003 13:17:14 -0600 (CST)
> From: "Doug Poland"
> To: questions@freebsd.org
> Subject: racoon configuration syntax errors
>
> Hello,
>
> I'm trying to set up an IPSEC VPN tunnel between two FreeBSD servers
> using Dru Lavigne's excellent series of articles as a guide.
> (http://www.onlamp.com/pub/a/bsd/2003/01/09/FreeBSD_Basics.html)
>
> Unfortunately, I'm having a problem getting racoon to run because of
> an alleged syntax error in my racoon.conf. I've tried many variations,
> googled the lists, and looked at numerous on-line HOW-TO's but to no
> avail.
>
> The error message I'm getting from racoon is this:
>
> 2003-11-06 13:13:14: ERROR: cftoken.l:494:yyerror(): racoon.conf:99: "A.A.A.A" syntax error
> 2003-11-06 13:13:14: ERROR: cfparse.y:1397:cfparse(): fatal parse failure (1 errors)
> racoon: failed to parse configuration file.
>
> Here's the area around line 99 of my racoon.conf:
> (The line numbers are not actually in the racoon.conf file)
>
>  98
>  99  sainfo A.A.A.A
> 100  {
> 101          pfs_group 5;
> 102          lifetime time 24 hour;
> 103          encryption_algorithm blowfish ;
> 104          authentication_algorithm hmac_sha1;
> 105          compression_algorithm deflate ;
> 106  }
> 107
>
> Could someone shed some light on this please? Many thanks in advance.
>
> --
> Regards,
> Doug
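
A pre-flight check for the mistake discussed in this thread, as an added example that is not part of either message and not racoon's own parser. It accepts the two forms named in the reply ("sainfo anonymous", or a source ID followed by a destination ID) and reports the line number of any other sainfo header. The function names and the sample input are constructed for illustration, and the "subnet" keyword and optional "[port]" token are assumptions taken from racoon.conf(5), not from the thread.

```python
import re

# Constructed sample: the failing header from the question, the two forms
# from the reply, and a header with a source ID but no destination ID.
SAMPLE = """\
sainfo A.A.A.A
{
        pfs_group 5;
}
sainfo address 203.178.141.209 any address 203.178.141.218 any { pfs_group 5; }
sainfo anonymous { pfs_group 5; }
sainfo address 203.178.141.209 any { pfs_group 5; }
"""

PORT = re.compile(r"^\[(\d+|any)\]$")  # optional "[port]" token (assumed form)


def take_id(tok, i):
    """Consume one 'address|subnet ADDR[/PREFIX] [[PORT]] UL_PROTO' ID
    starting at tok[i]. Return the index after it, or None if malformed."""
    if len(tok) - i < 3 or tok[i] not in ("address", "subnet"):
        return None
    i += 2                       # skip the keyword and the address itself
    if PORT.match(tok[i]):       # skip the optional [port]
        i += 1
    return i + 1 if i < len(tok) else None   # the upper-layer protocol, e.g. "any"


def check_sainfo(text):
    """Return [(line_number, message)] for each malformed sainfo header."""
    problems = []
    for n, line in enumerate(text.splitlines(), 1):
        # Drop comments and anything from the opening brace onward.
        tok = line.split("#", 1)[0].split("{", 1)[0].split()
        if not tok or tok[0] != "sainfo" or tok[1:] == ["anonymous"]:
            continue
        ids = tok[1:]
        mid = take_id(ids, 0)
        if mid is None:
            problems.append((n, "expected 'anonymous' or an 'address ...' ID, got %r"
                             % " ".join(ids)))
        elif take_id(ids, mid) != len(ids):
            problems.append((n, "source ID without a valid destination ID"))
    return problems


if __name__ == "__main__":
    for n, msg in check_sainfo(SAMPLE):
        print("line %d: %s" % (n, msg))
```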