[Openswan Users] changing ip bound to ipsec0
Paul Wouters
paul at xelerance.com
Wed Jun 6 16:46:23 EDT 2007
On Wed, 6 Jun 2007, Kevin Dea wrote:
> I'm trying to configure an VPN tunnel, but we're discovering that it
> causes conflicts with some other processes we do on this box. To
> mitigate this problem, I created an alias interface called eth0:sec with
> the IP xx.yy.zz.133. The original interface, eth0, had the IP of
> xx.yy.zz.130.
Make sure to use old style IP aliases (eg ifconfig eth0:sec, not ip addr add)
> When I restart ipsec, I notice that the interface ipsec0 is still bound
> to xx.yy.zz.130. Here is my /etc/ipsec.conf
Which was missing yout interfaces= line. You now need to specify
interfaces="ipsec0=eth0:sec"
> 022 "ny-bo": We cannot identify ourselves with either end of this
> connection.
Yes, because pluto is watching the wrong interface.
Paul
More information about the Users
mailing list