Hi; I have a problem with ipsec host2host mode configured via system-config- network. Any traffic i generate from Host A 2 B causes a 'resource temporarily unavailable' message (ping , ssh, whatever) on A. Normal traffic (not directed to B) still works. Restarting the network or booting didn't help (A). At B the problem could be booted away (= A has this prob B once but not anymore) and never showed up again ! I run FC3 with all latest patches and SELinux in 'targeted' mode (on both nodes (A + B). Firewall (both) runs with 500:udp (ike) and proto:50,51 (esp/ah) open on both machines. A has two nics (one configured on unconfigured). $ ping B connect: Resource temporarily unavailable # ping B connect: Resource temporarily unavailable # /var/log/messages on A [root@A init.d]# tail /var/log/messages Jan 12 14:34:42 A racoon: INFO: initiate new phase 2 negotiation: 192.168.10.7[0]<=>192.168.10.8[0] Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: AH/Transport 192.168.10.8->192.168.10.7 spi=9419285(0x8fba15) Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: ESP/Transport 192.168.10.8->192.168.10.7 spi=113973835(0x6cb1a4b) Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: AH/Transport 192.168.10.7->192.168.10.8 spi=119854291(0x724d4d3) Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: ESP/Transport 192.168.10.7->192.168.10.8 spi=169435739(0xa19625b) Any insight how to workaround that ? PS Another bug is that racoon may leave /tmp/.racoon and refuses to re-start in that case (check and rm if ... missing). --- looks like this .. Jan 12 14:15:07 A racoon: ERROR: bind(sockname:/tmp/.racoon): Address already in use -- hb <hburde@xxxxxxxxxxx>