Red Hat Bugzilla – Bug 168973
No mechanism for configuring road-warrior gateway/client except by hand
Last modified: 2014-03-16 22:56:04 EDT
+++ This bug was initially created as a clone of Bug #126912 +++
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7) Gecko/20040623
Description of problem:
It seems that the Redhat ifcfg-ipsec0 config for ipsec-tools can not
be configured as a gateway for ipsec road warriors.
There is a requirement that the remote device be specified on all
tunnels, which is impossible to do in a road warrior config, as there
is no way the ipsec-tools gateway can know in advance what IP
addresses the road warrior will use to connect to the server.
This is a serious limitation to RHEL3, and with the lack of stability
of freeswan is a serious setback to anybody trying to deploy a ipsec
Version-Release number of selected component (if applicable):
Steps to Reproduce:
-- Additional comment from email@example.com on 2004-06-29 01:17 EST --
AFAIK, this is not possible with ipsec-tools-0.2.x.
-- Additional comment from firstname.lastname@example.org on 2004-06-29 06:30 EST --
Not according to http://www.ipsec-howto.org/x247.html.
So far it looks like all docs for ipsec-tools are contradictory, the
Redhat supplied docs are incomplete are quite clearly have never been
It raises the question of whether ipsec-tools have any business being
inside the RHEL3 distribution in the first place.
Is this bug still applicable to rawhide?
These scripts were moved to ipsec-tools.
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
ipsec-tools is not really supported for real deployments in fedora. Please use libreswan instead. ipsec-tools is mostly used for interop testing with libreswan.
ipsec-tools has further been replaced by openswan in rhel6 (and libreswan in rhel7)