[Openswan Users] ipsec0 on external interface with alias ip?
Paul Wouters
paul at xelerance.com
Thu Apr 27 17:23:34 CEST 2006
On Thu, 27 Apr 2006, openswan wrote:
> I have one external interface eth0 and alias ip eth0:0 on the same
> interface and "ipsec0=eth0 ipsec1=eth0:0" in ipsec.conf . In this case
> everything is working fine i.e. pluto starts to listen on both ips eth0
> and eth0:0 and because of that the interfaces are one physical interface
> ipsec1=ipsec0 i.e ipsec1 is identical to ipsec0. Is there any way to put
> alias to ipsec0 device (it takes the first ip of my external interface
> eth0 and ignores the alias of this interface eth0:0) or to make it to
> take and the ip alias of the external eth0 and in this way pluto to
> starts to listen on both ips (eth0 and eth0:0). Do I need to modify
> ipsec bash scripts to make ipsec0 to takes and the alias ip of the
> external interface or the correct way is to put "ipsec0=eth0
> ipsec1=eth0:0" in ipsec.conf?
What is your actual problem? The ipsec interfaces are only a path into
the IPsec kernel stack (KLIPS). Why do you need some kind of seperation?
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list