Вот какая проблема при попытке проложить туннель через IPSEC между dlink DI-808HV и racoon на центось5:
#grep racoon /var/log/messages | tail
Mar 17 10:26:45 router racoon: INFO: respond new phase 1 negotiation: 192.168.1.254[500]<=>192.168.1.201[500]
Mar 17 10:26:45 router racoon: INFO: begin Aggressive mode.
Mar 17 10:26:45 router racoon: INFO: received Vendor ID: draft-ietf-ipsec-nat-t-ike-03
Mar 17 10:26:45 router racoon: WARNING: SPI size isn't zero, but IKE proposal.
Mar 17 10:26:45 router racoon: ERROR: rejected hashtype: DB(prop#1:trns#1):Peer(prop#1:trns#1) = MD5:SHA
Mar 17 10:26:45 router racoon: ERROR: no suitable proposal found.
Mar 17 10:26:45 router racoon: ERROR: failed to get valid proposal.
Mar 17 10:26:45 router racoon: ERROR: failed to process packet.
а вот что в логах у длинка:
Send IKE A1(AINIT) : 192.168.1.201 --> 192.168.1.254
IKED re-TX : AINIT to 192.168.1.254
IKED re-TX : AINIT to 192.168.1.254
IKED re-TX : AINIT to 192.168.1.254
IKED re-TX : AINIT to 192.168.1.254
IKE phase1 (ISAKMP SA) remova 192.168.1.201 <-> 192.168.1.254