[Openswan Users] changing ip bound to ipsec0

Kevin Dea kdea at strozllc.com
Wed Jun 6 16:50:09 EDT 2007


That worked.  Thank you!

Kevin 

-----Original Message-----
From: Paul Wouters [mailto:paul at xelerance.com] 
Sent: Wednesday, June 06, 2007 4:46 PM
To: Kevin Dea
Cc: users at openswan.org
Subject: Re: [Openswan Users] changing ip bound to ipsec0

On Wed, 6 Jun 2007, Kevin Dea wrote:

> I'm trying to configure an VPN tunnel, but we're discovering that it
> causes conflicts with some other processes we do on this box.  To
> mitigate this problem, I created an alias interface called eth0:sec
with
> the IP xx.yy.zz.133.  The original interface, eth0, had the IP of
> xx.yy.zz.130.

Make sure to use old style IP aliases (eg ifconfig eth0:sec, not ip addr
add)

> When I restart ipsec, I notice that the interface ipsec0 is still
bound
> to xx.yy.zz.130.  Here is my /etc/ipsec.conf

Which was missing yout interfaces= line. You now need to specify

	interfaces="ipsec0=eth0:sec"
> 022 "ny-bo": We cannot identify ourselves with either end of this
> connection.

Yes, because pluto is watching the wrong interface.

Paul




This message is for the named person's use only.  It may contain
confidential, proprietary or legally privileged information. No right
to confidential or privileged treatment of this message is waived or
lost by any error in transmission.  If you have received this message
in error, please immediately notify the sender by e-mail or by
telephone, delete the message and all copies from your system and
destroy any hard copies.  You must not, directly or indirectly, use,
disclose, distribute, print or copy any part of this message if you
are not the intended recipient.




More information about the Users mailing list