[Openswan Users] Why binding to all interfaces?

OCG Technical Support support at ocg.ca
Wed Oct 15 22:12:28 EDT 2008


My ipsec.conf has:

interfaces=%defaultroute

 

And my conn is:

conn vpn-incoming

        rekey=no

        left=%defaultroute

        leftcert=firewall-cert.pem

        #leftrsasigkey=%cert 

        right=%any

        rightid="C=CA, ST=MyProv, L=MyCity, O=MyOrg, OU=VPN, CN=ABC"

        rightrsasigkey=%cert

        auto=add

 

 

So why does my log show IPsec trying to bind to all interfaces?

 

Oct 15 21:54:49 firewall pluto[16964]: added connection description
"vpn-incoming"

Oct 15 21:54:49 firewall pluto[16964]: listening for IKE messages

Oct 15 21:54:49 firewall pluto[16964]: adding interface ppp0/ppp0
172.31.250.1:500

Oct 15 21:54:49 firewall pluto[16964]: adding interface ppp0/ppp0
172.31.250.1:4500

Oct 15 21:54:49 firewall pluto[16964]: adding interface eth0/eth0
99.249.37.152:500

Oct 15 21:54:49 firewall pluto[16964]: adding interface eth0/eth0
99.249.37.152:4500

Oct 15 21:54:49 firewall pluto[16964]: adding interface eth3/eth3
172.31.252.1:500

Oct 15 21:54:49 firewall pluto[16964]: adding interface eth3/eth3
172.31.252.1:4500

Oct 15 21:54:49 firewall pluto[16964]: adding interface eth2/eth2
172.31.253.1:500

Oct 15 21:54:49 firewall pluto[16964]: adding interface eth2/eth2
172.31.253.1:4500

Oct 15 21:54:49 firewall pluto[16964]: adding interface eth1/eth1
172.31.254.1:500

Oct 15 21:54:49 firewall pluto[16964]: adding interface eth1/eth1
172.31.254.1:4500

Oct 15 21:54:49 firewall pluto[16964]: adding interface lo/lo 127.0.0.1:500

Oct 15 21:54:49 firewall pluto[16964]: adding interface lo/lo 127.0.0.1:4500

Oct 15 21:54:49 firewall pluto[16964]: adding interface lo/lo ::1:500

Oct 15 21:54:49 firewall pluto[16964]: | connect_to_host_pair:
99.249.37.152:500 0.0.0.0:500 -> hp:none

 

Thanks,

MD

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20081015/d1a4e1c1/attachment.html 


More information about the Users mailing list