The configure option "--enable-samode-unspec" in the current ebuilds should be changed to "--disable-samode-unspec", this seems to be required for linux in general, for all CPU's / all arch's. The complete discussion is on: http://sourceforge.net/tracker/index.php?func=detail&aid=1227395&group_id=74601&atid=541482 Reproducible: Always Steps to Reproduce: 1. configure a ipsec connection in tunnel mode, with kernel 2.6.12 2. try to establish the connection Actual Results: You will see a message like "...racoon: INFO: IPsec-SA established: ESP/Transport ..." in the syslog and the connection does not work. Expected Results: it should say "...racoon: INFO: IPsec-SA established: ESP/Tunnel..."
Created attachment 63799 [details, diff] fix for a bug with "complex_bundle on" If someone creates a new ebuild for ipsec-tools-0.5 or 0.6, it might be good to apply this patch too, it comes from one of the developers. See also the start of the thread on http://sourceforge.net/tracker/index.php?func=detail&aid=1227395&group_id=74601&atid=541482.
@thomas, please have a look at http://bugs.gentoo.org/show_bug.cgi?id=77369#c14
Seems to be fixed, plese consider marking RESOLVED FIXED after ipsec-tools-0.[2345]* are removed from the tree. See http://bugs.gentoo.org/show_bug.cgi?id=121919#c0
Fixed in >=0.6.2-r1