search for: ipsectohosta

...d to send packet to host-a. The /etc/sysconfig/network-scripts/ifcfg-IPSecToHostB on host-a looks something like this: DST=192.168.1.100 TYPE=IPSEC ONBOOT=no IKE_METHOD=X509 IKE_CERTFILE=/etc/racoon/certs/host-a IKE_PEER_CERTFILE=/etc/racoon/certs/host-b The /etc/sysconfig/network-scripts/ifcfg-IPSecToHostA on host-b looks similar (DST and IKE_*CERTFILE pointing the other way). Keys and certificates for host-a are stored in host-a.private (no passphrase, so that racoon can read the key) and host-a.public and likewise for host-b, just the way ifup-ipsec script expects them to be. After doing &quo...