I have established a secured ESP-only IPSec link between glass and teapot using Fedora Linux Core 2 native network interface configuration. I have opted for manually keyed Security Associations since there are a few glitches when using racoon’s ISAKMP implementation and KAME 2.6 kernels IPSec implementation that I’m describing right now:

Userspace and on-demand SA establishment [...]