[Openswan Users] IP interfaces eth1 and eth0 share address
|address| !
Marco Berizzi
pupilla at hotmail.com
Fri Mar 3 12:37:39 CET 2006
Filippo Conti wrote:
> Hi,
> I'm setting up a proxy-ARP firewall, I've got two physical adapters
> having the same IP address.
> When I start with:
> [root at xxx root]# service ipsec start
>
> in /var/log/secure follows this error:
>
> Mar 2 15:24:30 xxx pluto[8205]: IP interfaces eth1 and eth0 share
> address this.is.my.address!
>
> Help ? Thanks...
[you didn't specificy nor openswan version nor linux
kernel version nor linux distro]
[I suppose you are using KLIPS]
With klips you cannot share the same ip on multiple
interface. You must upgrade to a recent 2.6 linux
kernel and use NETKEY. Linux kernels, older than
2.6.16-rc1 don't handle correctly nat in ipsec
tunnels. You should also upgrade to iptables-1.3.5
to filter and nat packets inside ipsec tunnels
(policy match).
More information about the Users
mailing list