IKE (ISAKMP/Oakley) key management daemon
Syntax:
racoon [-BdFLv46] [-f configfile] [-l logfile] [-p isakmp-port]
[-P isakmp-natt-port]
Options:
- -4 or -6
- Specify the default address family for the sockets.
- -B
- Install security association(s) from the file that is specified in
/etc/racoon/racoon.conf.
- -d
- Increase the debug level. Each additional d increases the debug level.
- -F
- Run racoon in the foreground.
- -f configfile
- Use configfile as the configuration file instead of the default.
The default configuration file is /etc/racoon/racoon.conf.
- -L
- Include file_name:line_number:function_name
in all messages.
- -l logfile
- Use logfile as the logging file instead of syslogd.
- -P isakmp-natt-port
- Use isakmp-natt-port for NAT-Traversal port-floating.
The default is 4500.
- -p isakmp-port
- Listen to ISAKMP key exchange on port isakmp-port instead of the
default port number, 500.
- -v
- Cause the packet dump to be more verbose, with a higher debugging level.
Description:
The racoon daemon speaks IKE (ISAKMP/Oakley) key management
protocol, to establish security association with other hosts.
The SPD (Security Policy Database) in the kernel usually triggers to start racoon.
Examples:
For examples showing how to configure racoon directives and statements, see
/etc/racoon.conf.
Files:
- /etc/racoon/racoon.conf
- Default configuration file for racoon.
Exit status:
- 0
- Success.
- > 0
- An error occurred.
Contributing author:
OpenSSL Project