[Openswan Users] How do I definitively tell openswan what interface I want to use?
Paul Wouters
paul at xelerance.com
Thu Jun 10 01:08:21 EDT 2010
On Wed, 9 Jun 2010, Greg Scott wrote:
> Hopefully this is easy. I have some bridged setups with ipsec tunnels where device br0 has multiple IP Addresses.
> When Openswan starts up, it looks like it picks the first IP Address on the br0 interface to announce what it’s
> picking. In case it picks wrong one of these days, how do I tell it definitively which IP Address on which
> interface? Or is this just an opening announcement and I don’t need to worry about it?
It binds to all addresses that are configured at startup. If an address is added
later on, currently, pluto needs to be told to rebind these with "ipsec whack --listen"
> ipsec_setup: multiple ip addresses, using 10.0.0.10 on br0
The message is a bit confusing. It will "use" the IP address it received a packet
of when responding, and it uses the "nearest" IP address when initiating when
using "%defaultroute". If will use the ip or resolved host name ip if specified
in the conn.
Paul
More information about the Users
mailing list