[Openswan dev] Bind Pluto to *:500 / *:4500
Michael Richardson
mcr at marajade.sandelman.ottawa.on.ca
Mon Nov 29 12:57:19 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Henrik" == Henrik Nordstrom <hno at marasystems.com> writes:
>> Is it possible to bind pluto to *:4500 & *:500 instead of it
>> binding to the current ip? The problem is, when you have a
>> dynamic ip on an openswan box connected directly to the i-net,
>> and the ISP hands out dynamic IPs, openswan won't respond anymore
>> to incoming requests after the ip has changed. This is because
>> Pluto binds to the current ppp0 IP and not to 0.0.0.0:500 / 4500.
Henrik> There is many things dependent on the IP, at least when
Henrik> using KLIPS.
Yes, but there is no reason to actually not listen on all IPs.
This change is in the works, but is delayed.
The restart suggestion is the best there is now.
- --
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Xelerance Corporation, Ottawa, ON |net architect[
] mcr at xelerance.com http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBQati9IqHRg3pndX9AQEiRwQA4y/zQm1TbHu0li9sAV/6LbQnUuSLDlUZ
p+9eKudAoZf9hoT82MLNE9bROrRhZMkSjAnmFJSBOwQT61FRCWYMUqyxgd3PUIsu
AdLxT61cmdPFPd68jyLdP+58wJMNRAypn3ISDaKLPD8SXxt3ZgBR59wCm1IohUje
NdXK+azBq6k=
=XQ2Z
-----END PGP SIGNATURE-----
More information about the Dev
mailing list