Bug 128264 - VPN Net2Net not starting on boot
VPN Net2Net not starting on boot
Status: CLOSED DEFERRED
Product: Fedora
Classification: Fedora
Component: initscripts (Show other bugs)
2
All Linux
medium Severity medium
: ---
: ---
Assigned To: Bill Nottingham
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-07-20 18:23 EDT by stef
Modified: 2014-03-16 22:46 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-04-28 21:42:54 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description stef 2004-07-20 18:23:24 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8a1)
Gecko/20040520

Description of problem:
We're using the ipsec wizard in system-network-config.
When selecting a configured VPN to activate on boot
it does not activate the VPN during the boot up process.
Seeing this with i386 and x86_64 platforms.

Version-Release number of selected component (if applicable):
system-config-network-1.3.17-0

How reproducible:
Always

Steps to Reproduce:
1.Configure VPN using ipsec wizard, checking the "activate on boot" option
2.Reboot
3.
    

Actual Results:  VPN not started during boot.

Expected Results:  VPN started during boot.

Additional info:
Comment 1 Harald Hoyer 2004-07-21 07:32:35 EDT
hmmm, the initscripts should just do that...
is there ONBOOT="yes" in /etc/sysconfig/ifcfg-<ipsec connection name>??
Comment 3 Stephen Moore 2004-07-21 19:03:14 EDT
It has recently become quite difficult for us to do any more on this.
I have cipe working on another site and since we have to get this site
online, we have had to take the machine back to FC1 and are using cipe
with it.

We had the link operational and had extracted the necessary commands
to establish the link and incorporated these into a small bash script
- with a view to incorporating this into the rc.local script. 

But even with the link up and running there is and additional problem
with the tunnel where it freezes up all the time. Ping worked but
larger packets would not get through. We have not bugzillered this
this (should we) and now have limited capacity to debug the problem.

Does ipsec actually work for anyone? Having used cipe which "just
worked" this has been a fairly painfull experience.
Comment 4 Stephen Moore 2004-07-21 19:05:18 EDT
Woops included cipe config by mistake, here is the ipsec config.

[stephen@hook etc]$ more sysconfig/network-scripts/ifcfg-CivicCentre 
DSTGW=xx.x.215.154
SRCGW=xx.x.215.153
DSTNET=192.168.0.0/24
SRCNET=192.168.3.0/24
DST=xx.x.215.154
TYPE=IPSEC
ONBOOT=yes

SPI_AH_IN=1770128578
SPI_AH_OUT=1715268816

SPI_ESP_IN=521007198
SPI_ESP_OUT=527678539
Comment 5 Harald Hoyer 2004-07-22 05:24:05 EDT
reassigning to component initscripts
Comment 6 Harald Hoyer 2004-07-22 05:26:34 EDT
> Ping worked but larger packets would not get through. We have not
> bugzillered this this (should we) and now have limited 
> capacity to debug the problem.

Yes, you should bugzilla this. Does it help, if you lower the MTU?
Comment 7 Stephen Moore 2004-07-22 22:05:28 EDT
I did read about mtu problems and I cannot remember if I lowered the
mtu on the eth  device or on the ppp device of the adsl, but it broke
stuff, lacking guidance I gave up in Homer Simpson fashion
Comment 8 Tyler Larson 2005-01-25 14:07:35 EST
The problem is, at least from my experience, that the VPN starts
before the interfaces are brought up. The VPN therefore doesn't get
configured correctly.
Comment 9 Matthew Miller 2005-04-26 12:28:41 EDT
Fedora Core 2 is now maintained by the Fedora Legacy project for
security updates only. If this problem is a security issue, please
reopen and reassign to the Fedora Legacy product. If it is not a
security issue and hasn't been resolved in the current FC3 updates or
in the FC4 test release, reopen and change the version to match.
Comment 10 Bill Nottingham 2005-04-28 21:42:54 EDT
Closing bugs on older, no longer supported, releases. Apologies for any lack of
response. Please reopen if this persists on a current release, such as Fedora
Core 3.

Note You need to log in before you can comment on or make changes to this bug.