No joy. The two don't seem to be negotiating, or at least a tcpdump on a 3rd LAN machine shows the ping in cleartext.
I know the low-level IPsec works because I can use setkey to set it up and it works. I've been able to do that for a couple of weeks. I just can't get this &^%@&^%!! racoon to work. The racoon.conf and pfkey.txt on the machines are lifted straight out of the Advanced Routing HOWTO.