Red Hat Bugzilla – Bug 113090
Typo in document prevents ipsec from working
Last modified: 2014-08-04 18:14:43 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.5)
Description of problem:
There is a small typo in the 6.11 section (IPsec Host-to-Host
Configuration) of the Red Hat Security Guide. In the example of the
ifcfg-ipsec0 configuration, the value for the TYPE parameter is
written as IPsec.
After some testing I came to the conclusion this has to be IPSEC with
all capitals, otherwise the ipsec tunnel won't work if you start it by
hand with the ifup command.
Apparently when no capitals are used the value for the TYPE parameter
is not correctly handled by the network-functions script.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Create an ifcfg-ipsec0 configuration file as described in section
6.11 of the Security Guide.
2. Start the ipsec connection with the following command: ifup ipsec0
Actual Results: When the ifup command is executed the output of how
to use the ethtool is printed on the screen and the last line is
displaying the following error message:
Missing config file ifcfg-ifcfg-ipsec0
Expected Results: The IPsec connection should be started when the
ifup ipsec0 commando is executed.
Maybe the network-functions script should be made case insensitive.
Reassigning to maintainer.
Thank you for your bug report, and for finding this typo.
You are correct, the network scripts are case sensitive so the
TYPE parameter must equal "IPSEC". The fix will appear in
the next version of the Red Hat Enterprise Linux Security Guide.
*** Bug 118683 has been marked as a duplicate of this bug. ***