mirror of
https://git.FreeBSD.org/ports.git
synced 2024-11-20 00:21:35 +00:00
fb16dfecae
Commit b7f05445c0 has added WWW entries to port Makefiles based on
WWW: lines in pkg-descr files.
This commit removes the WWW: lines of moved-over URLs from these
pkg-descr files.
Approved by: portmgr (tcberner)
23 lines
831 B
Plaintext
23 lines
831 B
Plaintext
racoon speaks IKE (ISAKMP/Oakley) key management protocol, to
|
|
establish security association with other hosts.
|
|
|
|
This is the IPSec-tools version of racoon.
|
|
|
|
Enchancements:
|
|
- Support of NAT-T and IKE fragmentation.
|
|
- Support of many authentication algorithms.
|
|
- Tons of bugfixes.
|
|
|
|
Known issues:
|
|
- Non-threaded implementation. Simultaneous key negotiation performance
|
|
should be improved.
|
|
- Cannot negotiate keys for per-socket policy.
|
|
- Cryptic configuration syntax - blame IPsec specification too...
|
|
- Needs more documentation.
|
|
|
|
Design choice, not a bug:
|
|
- racoon negotiate IPsec keys only. It does not negotiate policy. Policy must
|
|
be configured into the kernel separately from racoon. If you want to
|
|
support roaming clients, you may need to have a mechanism to put policy
|
|
for the roaming client after phase 1 finishes.
|