From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003 Description of problem: cipe interface created by gui tool did not have a ME=W.X.Y.Z line in ifcfg-cipcb0. With a dynamically assigned peer, cipe does not respond unless ME is specified, so the VPN never comes up. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.Create a cipe device in the gui. Leave the peer IP blank. 2.Attempt to bring the VPN up (both ends) 3.tcpdump the network looking for packets on the vpn ports. Actual Results: On the RH8.0 machine with a fixed IP, tcpdump shows packets from the remote machine arriving, on the correct port. The RH8.0 fixed-ip machine does not send a reply to the remote machine. Expected Results: The RH8.0 should have started sending replies and the VPN should have been established. Additional info: The workaround was to manually add 'ME=W.X.Y.Z' to the fixed-ip address end of the VPN. After this, and down/up cipcb0 on the fixed ip machine, the tcpdump started seeing replies to the remote dynamic ip machine, and the vpn came up.
The problem seems to be related to default setting of ME in ifup-cipcb. When no ME is specified in options file and ifcfg file if is assigned 0.0.0.0. I would then expect cipe demon to listen on all interfaces but it instead listens on loopback interface which doesn't really make a lot of sense. This was discovered on RH 7.3.
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still running Red Hat Linux, you are strongly advised to upgrade to a current Fedora Core release or Red Hat Enterprise Linux or comparable. Some information on which option may be right for you is available at http://www.redhat.com/rhel/migrate/redhatlinux/. Red Hat apologizes that these issues have not been resolved yet. We do want to make sure that no important bugs slip through the cracks. Please check if this issue is still present in a current Fedora Core release. If so, please change the product and version to match, and check the box indicating that the requested information has been provided. Note that any bug still open against Red Hat Linux on will be closed as 'CANTFIX' on September 30, 2006. Thanks again for your help.
Red Hat Linux is no longer supported by Red Hat, Inc. If you are still running Red Hat Linux, you are strongly advised to upgrade to a current Fedora Core release or Red Hat Enterprise Linux or comparable. Some information on which option may be right for you is available at http://www.redhat.com/rhel/migrate/redhatlinux/. Closing as CANTFIX.