FC3 ipsec problem

hb HBurde at t-online.de
Sat Jan 15 18:39:19 UTC 2005


Hi;

I have a problem with ipsec host2host mode configured via system-config-
network. Any traffic I generate from host A to B causes a 'resource
temporarily unavailable' message (ping, ssh, whatever) on A. Normal
traffic (not directed to B) still works. Restarting the network or
rebooting didn't help (A). At B the problem could be booted away (= A has
this problem; B had it once but not anymore) and it never showed up again!

I run FC3 with all latest patches and SELinux in 'targeted' mode (on
both nodes, A + B). The firewall (on both) runs with 500:udp (ike) and
proto:50,51 (esp/ah) open on both machines. A has two nics (one
configured, one unconfigured).

$ ping B
connect: Resource temporarily unavailable

# ping B
connect: Resource temporarily unavailable

# /var/log/messages on A
[root at A init.d]# tail /var/log/messages
Jan 12 14:34:42 A racoon: INFO: initiate new phase 2 negotiation:
192.168.10.7[0]<=>192.168.10.8[0]
Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: AH/Transport
192.168.10.8->192.168.10.7 spi=9419285(0x8fba15)
Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: ESP/Transport
192.168.10.8->192.168.10.7 spi=113973835(0x6cb1a4b)
Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: AH/Transport
192.168.10.7->192.168.10.8 spi=119854291(0x724d4d3)
Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: ESP/Transport
192.168.10.7->192.168.10.8 spi=169435739(0xa19625b)

Any insight on how to work around that?

PS Another bug is that racoon may leave /tmp/.racoon behind and refuses to
restart in that case (check and rm if ... missing).

--- looks like this:
Jan 12 14:15:07 A racoon: ERROR: bind(sockname:/tmp/.racoon): Address
already in use
-- 
hb <hburde at t-online.de>
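As an added example (not from the original post and not racoon's own code), here is a small Python check that parses racoon's "IPsec-SA established" lines as they appear above and reports whether both directions of AH and ESP exist between the two hosts. When traffic to the IPsec peer fails while all other traffic works, a missing or one-sided SA set is the first thing to rule out. The four sample log lines are copied from the post (unwrapped onto single lines); the inbound-only case, the log line format the regexes assume, and all function names are assumptions made for this example.

```python
"""Check racoon log lines for the SA set a host-to-host IPsec policy needs.

Added example for illustration, not code from the original post or from racoon.
"""
import re

# Assumed line format, taken from the racoon lines quoted in the post.
SA_RE = re.compile(
    r"racoon: INFO: IPsec-SA established: (?P<proto>AH|ESP)/(?P<mode>\w+)\s+"
    r"(?P<src>[\d.]+)->(?P<dst>[\d.]+) spi=(?P<spi>\d+)\((?P<spihex>0x[0-9a-f]+)\)"
)
BIND_RE = re.compile(
    r"racoon: ERROR: bind\(sockname:(?P<path>[^)]+)\): Address already in use"
)

# Sample input: the four lines from the post, each unwrapped onto one line.
RACOON_LOG = [
    "Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: AH/Transport "
    "192.168.10.8->192.168.10.7 spi=9419285(0x8fba15)",
    "Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: ESP/Transport "
    "192.168.10.8->192.168.10.7 spi=113973835(0x6cb1a4b)",
    "Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: AH/Transport "
    "192.168.10.7->192.168.10.8 spi=119854291(0x724d4d3)",
    "Jan 12 14:34:42 A racoon: INFO: IPsec-SA established: ESP/Transport "
    "192.168.10.7->192.168.10.8 spi=169435739(0xa19625b)",
]
# Constructed failure case: only the inbound (B->A) SAs were negotiated.
INBOUND_ONLY_LOG = RACOON_LOG[:2]
# The bind error quoted in the PS of the post.
ERROR_LOG = [
    "Jan 12 14:15:07 A racoon: ERROR: bind(sockname:/tmp/.racoon): Address "
    "already in use",
]


def parse_sas(lines):
    """Return {(src, dst, proto): spi} for every established SA in the log.

    Also checks that the decimal and hex SPI racoon prints agree, so a
    mangled or truncated log line is rejected rather than silently trusted.
    """
    sas = {}
    for line in lines:
        m = SA_RE.search(line)
        if not m:
            continue
        spi = int(m["spi"])
        if spi != int(m["spihex"], 16):
            raise ValueError("SPI mismatch in log line: %r" % line)
        sas[(m["src"], m["dst"], m["proto"])] = spi
    return sas


def missing_sas(sas, host_a, host_b, protos=("AH", "ESP")):
    """List the (src, dst, proto) SAs A<->B traffic needs that are absent.

    A transport-mode policy requiring AH and ESP needs four SAs: AH and ESP
    in each direction. Any missing entry means the kernel has a policy it
    cannot satisfy for that direction.
    """
    needed = [(s, d, p) for p in protos for (s, d) in ((host_a, host_b), (host_b, host_a))]
    return [key for key in needed if key not in sas]


def stale_socket_paths(lines):
    """Return the admin-socket paths racoon could not bind (sorted, unique)."""
    return sorted({m["path"] for m in map(BIND_RE.search, lines) if m})


if __name__ == "__main__":
    a, b = "192.168.10.7", "192.168.10.8"
    for name, log in (("full log", RACOON_LOG), ("inbound only", INBOUND_ONLY_LOG)):
        gaps = missing_sas(parse_sas(log), a, b)
        print("%s: %s" % (name, "all SAs present" if not gaps else "missing %s" % gaps))
    print("stale sockets:", stale_socket_paths(ERROR_LOG))
```

The log is only a hint; on the box itself `setkey -D` (the SA database) and `setkey -DP` (the policy database) are the authoritative view, and the check above should agree with them. For the stale `/tmp/.racoon` socket, confirm with `pidof racoon` that no racoon is actually running before removing the file, otherwise you take down the working daemon.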



