Red Hat Bugzilla – Bug 429373
doesn't handle openswan for IPSEC
Last modified: 2016-06-17 17:08:46 EDT
The deployment guide describes ipsec configuration using initscripts ifcfg files
and racoon. If we want to fully switch to openswan, we need to update the
This depends on how we decide to handle openswan configuration, though.
setting as NEEDINFO=reporter for content sources.
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux major release. Product Management has requested further
review of this request by Red Hat Engineering, for potential inclusion in a Red
Hat Enterprise Linux Major release. This request is not yet committed for
Marking as NEEDINFO=reporter for content sources if this is to added to the Security Guide.
Moving NEEDINFO to openswan maintainer. In any case, the ipsec-tools ifcfg file documentation needs removed, as that's not in RHEL 6.
ipsec-tools are not related to Openswan. So removing ipsec-tools documents should not affect Openswan. And yes if Openswan document is not there then, that should be included in RHEL6 deployment guide.
I have removed the entire section on IPsec interface configuration from the RHEL6 Deployment Guide. According to Bill: "there is no integration into initscripts or NetworkManager for openswan at this time." That being the case, the likely target for Openswan documentation at this point is the Security Guide (current component).
happy to write content into the documentation if I can get some advice of the
state of openswan, or some sort of outline/details of what should be covered. anyone?
Avesh - can you provide this info?
Sure. I had prepared a document for GSS and QE training last month that I can send to Scott. This doc can be used as a starting point and if something is not clear, I am provide more info.
Avesh, sounds great, please send asap.
Created attachment 407096 [details]
I have attached the doc, please let me know if you have any questions or need any other details.