# Howto ipsec + xauth



## tusharsharma43 (Nov 24, 2011)

Hello all,

I want to configure ipsec with psk + xauth configuration using ipsec-tools and racoon. Below are my configuration.



```
(pc 192.168.3.100)--Lan--(pc 192.168.101.101) wan-----wan--(pc 192.168.101.113)--lan-(192.168.2.100)
```

on 192.168.101.101


```
path pre_shared_key "/etc/racoon/psk.txt";
remote 192.168.101.113 {
        exchange_mode main;
        mode_cfg on;
        proposal {
                encryption_algorithm 3des;
                hash_algorithm md5;
                authentication_method xauth_psk_client;
                dh_group modp1024;
        }
}
sainfo address 192.168.3.0/24 any address 192.168.2.0/24 any {
        pfs_group modp768;
        encryption_algorithm 3des;
        authentication_algorithm hmac_md5;
        compression_algorithm deflate;
}
```

on 192.168.101.113


```
path pre_shared_key "/etc/racoon/psk.txt";
remote 192.168.101.101 {
        exchange_mode main;
        mode_cfg on;
        proposal {
                encryption_algorithm 3des;
                hash_algorithm md5;
                authentication_method xauth_psk_server;
                dh_group modp1024;
        }
}

mode_dfg {
         auth_source system;
         banner "/etc/motd";
         }


sainfo address 192.168.2.0/24 any address 192.168.3.0/24 any {
        pfs_group modp768;
        encryption_algorithm 3des;
        authentication_algorithm hmac_md5;
        compression_algorithm deflate;
}
```

Added equivalent policies in setkey.conf.

When I connect it is not asking for user name and password and giving error 
	
	



```
invalid authentiction method 65001
```

Please help in setting up ipsec with xauth using ipsec-tools and racoon.


Thanking You,
Tushar.


----------

