<div dir="ltr">Hello,<div><br></div><div>I'm trying to connect an EC2 instance to an Amazon Virtual gateway using openswan.</div><div><br></div><div>My configuration:</div><div><br></div><div>1. Ubuntu Trusty, up to date.</div><div>2. Openswan 2.6.38 from the standard Ubuntu package.</div><div><br></div><div>The following configuration (real IP's slightly obscured) worked for me before when I did manual tests:</div><div><br></div><div><div>conn sing-sydney</div><div><span class="" style="white-space:pre"> </span>type=tunnel</div><div> authby=secret</div><div> forceencaps=yes</div><div> auto=start</div><div> left=%defaultroute</div><div> leftid=52.74.73.X</div><div> #leftsourceip=52.74.73.X</div><div><span class="" style="white-space:pre"> </span>leftnexthop=%defaultroute</div><div><span class="" style="white-space:pre"> </span>leftsubnet=<a href="http://172.28.0.0/16">172.28.0.0/16</a></div><div> right=52.64.16.Y</div><div> rightid=52.64.16.Y</div><div> rightsubnet=<a href="http://172.27.0.0/16">172.27.0.0/16</a></div><div><div><br></div><div>But now when I try to re-create the instance from scratch (I'm automating the setup) I get the error '"sing-sydney": We cannot identify ourselves with either end of this connection.'.</div><div><br></div><div>The IP addresses 52.74.73.X and 52.64.16.Y are Elastic IP's (i.e. they are permanent). From what I found the issue is that the IP address is not configured on any of the EC2 instance interfaces directly so I tried to add the external address to the eth0 by executing 'ip addr add 52.74.73.X dev eth0`, which was also the way things worked in the old setup, but that doesn't help.</div><div><br></div><div>I suppose I'm missing another piece of configuration from the working setup but I don't see what (and the old setup is gone by now).</div><div><br></div><div>So what am I missing to make it work?</div><div><br></div><div>Thanks,</div><div><br></div><div>--Amos</div><div class="gmail_signature"><div dir="ltr"><br></div></div>
</div></div></div>