>что-то типа ipsec-tools, но ситуация ограничивается использованием дистибутива SLAX. И
>там я уже не в силах скомпилировать и установить ipsec-tools. Потому прошу
>помощи. Установил ipsec-tools. Настроил psk.txt, setkey.conf, racoon.conf
echo 1 > /proc/sys/net/ipv4/ip_forwarding
setkey -f /etc/racoon/setkey.conf
racoon -f /etc/racoon/racoon.conf -F
делаем пинг в сеть главного офиса и смотрим за выводом racoon
2008-04-19 17:48:02: INFO: @(#)ipsec-tools 0.7 (http://ipsec-tools.sourceforge.net)
2008-04-19 17:48:02: INFO: @(#)This product linked OpenSSL 0.9.8g 19 Oct 2007 (http://www.openssl.org/)
2008-04-19 17:48:02: INFO: Reading configuration from "/etc/racoon/racoon.conf"
2008-04-19 17:48:02: DEBUG: call pfkey_send_register for AH
2008-04-19 17:48:02: DEBUG: call pfkey_send_register for ESP
2008-04-19 17:48:02: DEBUG: call pfkey_send_register for IPCOMP
2008-04-19 17:48:02: INFO: Resize address pool from 0 to 255
2008-04-19 17:48:02: DEBUG: reading config file /etc/racoon/racoon.conf
2008-04-19 17:48:02: INFO: 88.31.254.216[500] used as isakmp port (fd=6)
2008-04-19 17:48:02: INFO: 88.31.254.216[500] used for NAT-T
2008-04-19 17:48:07: INFO: IPsec-SA request for 212.XXX.XXX.XXX queued due to no phase1 found.
2008-04-19 17:48:07: INFO: initiate new phase 1 negotiation: 88.31.254.216[500]<=>212.XXX.XX.XXX[500]
2008-04-19 17:48:07: INFO: begin Identity Protection mode.
2008-04-19 17:48:10: INFO: received broken Microsoft ID: FRAGMENTATION
2008-04-19 17:48:10: INFO: received Vendor ID: CISCO-UNITY
2008-04-19 17:48:10: INFO: received Vendor ID: draft-ietf-ipsra-isakmp-xauth-06.txt
2008-04-19 17:48:11: INFO: received Vendor ID: DPD
2008-04-19 17:48:11: ERROR: Expecting IP address type in main mode, but FQDN.
2008-04-19 17:48:11: ERROR: invalid ID payload.
2008-04-19 17:48:20: INFO: received Vendor ID: DPD
2008-04-19 17:48:20: ERROR: Expecting IP address type in main mode, but FQDN.
2008-04-19 17:48:20: ERROR: invalid ID payload.
2008-04-19 17:48:21: ERROR: ignore information because ISAKMP-SAhas not been established yet.
2008-04-19 17:48:23: ERROR: ignore information because ISAKMP-SAhas not been established yet.
2008-04-19 17:48:25: ERROR: ignore information because ISAKMP-SAhas not been established yet.
2008-04-19 17:48:27: ERROR: ignore information because ISAKMP-SAhas not been established yet.
Где копать ? Как понимать два первых сообщения ERROR ?