Some issues have been identified with the ipsec-racoon daemon which could
potentially cause problems in certain situations. Here is a brief list ...
· Responder ignores initial fragmented message ( patch offered )
· The split_network local_lan support is broken ( patch offered )
· Re-assignment of mode_cfg addresses while old sa's exist
· Will generate inappropriate policies for anonymous sainfo (
documented )
If these problems are not addressed by the ipsec-tools development team,
patches will be offered.