Red Hat Bugzilla – Bug 1300751
IKEv2 support for GSSAPI/Kerberos (requires new RFC)
Last modified: 2017-08-02 03:00:29 EDT
+++ This bug was initially created as a clone of Bug #1300750 +++
Implement GSSAPI/Kerberos similarly to the IKEv1 version from https://tools.ietf.org/html/draft-ietf-ipsec-isakmp-gss-auth-07
go through the IPsecME WG to get it specified as RFC.
Paul, is this related to rebase item "GSSAPI authentication for cloud/mesh encryption"? Is it the same thing? In either case, could you please describe it briefly from the testing point of view (if possible)?
Yes it is, but it did not yet come in via a rebase. It will come in as a patch ASAP.
From a testing point of view, you need to have two machines be part of a freeipa domain and then configure a conn using:
Ping :), are you still feeling optimistic about this in 7.4? We are almost in Beta now (this week). Wouldn't be better to let it wait for 7.5?