[Openswan Users] IP interfaces eth1 and eth0 share address |address| !

Marco Berizzi pupilla at hotmail.com
Fri Mar 3 12:37:39 CET 2006

Filippo Conti wrote:

> Hi,
> I'm setting up a proxy-ARP firewall, I've got two physical adapters
> having  the same IP address.
> When I start with:
> [root at xxx root]# service ipsec start
> in /var/log/secure follows this error:
> Mar  2 15:24:30 xxx pluto[8205]: IP interfaces eth1 and eth0 share
> address this.is.my.address!
> Help ? Thanks...

[you didn't specificy nor openswan version nor linux
kernel version nor linux distro]

[I suppose you are using KLIPS]
With klips you cannot share the same ip on multiple
interface. You must upgrade to a recent 2.6 linux
kernel and use NETKEY. Linux kernels, older than
2.6.16-rc1 don't handle correctly nat in ipsec
tunnels. You should also upgrade to iptables-1.3.5
to filter and nat packets inside ipsec tunnels
(policy match).

More information about the Users mailing list