search for: ipsectohostb

...t;setkey -D" on both hosts, the key tables are huge after some time. Something doesn't look righ, and I can't pinpoint down what's wrong. It looks like new pair of keys is generate each time host-b is supposed to send packet to host-a. The /etc/sysconfig/network-scripts/ifcfg-IPSecToHostB on host-a looks something like this: DST=192.168.1.100 TYPE=IPSEC ONBOOT=no IKE_METHOD=X509 IKE_CERTFILE=/etc/racoon/certs/host-a IKE_PEER_CERTFILE=/etc/racoon/certs/host-b The /etc/sysconfig/network-scripts/ifcfg-IPSecToHostA on host-b looks similar (DST and IKE_*CERTFILE pointing the other wa...