While waiting for an IPSec Security Association to be established between two peers, transmitting data to this peer blocks or hangs. Can this behavior be changed to silently drop the traffic instead?

Updated -

The following article applies to Red Hat Enterprise Linux version 5 Update 1 and forward. Kernels available for previous releases do not contain the required support for this feature.


Normally when an IPsec policy exists requiring two hosts to communicate securely, and a Phase 2 Security Association (SA) between these two hosts does not yet exist or ...

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content