[Openswan Users] Problems using openswan and KLIPS on alias interface

Diogo V. kersting k at brlix.com
Wed Apr 27 10:08:12 EDT 2011


There was a missing part on my last e-mail. Here is the full e-mail:

Hello.

I'm having problems while using openswan and KLIPS on alias interface.
When I set interfaces="ipsec0=eth0" it works fine, but the same config
using interfaces="ipsec0=eth0:1" gives (at auth.log):

"vpn1": We cannot identify ourselves with either end of this connection.
"vpn1": deleting connection

The interfaces are being brought up by the debian scripts (I don't
think these scripts use ip addr add).
Here the IPs:

# ifconfig eth0
eth0      Link encap:Ethernet  HWaddr 08:00:27:46:48:43
 inet addr:192.168.30.250  Bcast:192.168.30.255  Mask:255.255.255.0

# ifconfig eth0:1
eth0:1    Link encap:Ethernet  HWaddr 08:00:27:46:48:43
          inet addr:192.168.30.251  Bcast:192.168.30.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1

Here is the config of each interface:
-----ipsec.conf eth0 -----
version 2.0

config setup
    interfaces="ipsec0=eth0"
    protostack=klips
    nat_traversal=yes
    oe=off
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:!192.168.30.0/24

 conn vpn2
         auto=start
         type=tunnel
         left=192.168.30.101
         right=192.168.30.250
         leftrsasigkey=0sAQOfG2Yz8BOd[...]
         rightrsasigkey=0sAQNgKDm0Hx6JLhin12p[...]


-----ipsec.conf eth0:1 -----

version 2.0

config setup
    interfaces="ipsec0=eth0:1"
    protostack=klips
    nat_traversal=yes
    oe=off
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:!192.168.30.0/24

 conn vpn1
         auto=start
         type=tunnel
         left=192.168.30.101
         right=192.168.30.251
         leftrsasigkey=0sAQOfG2Yz8BOd[...]
         rightrsasigkey=0sAQNgKDm0Hx6JLhin12p[...]
 --------------------


I tried google, but no success. What am I doing wrong?

--
--
Diogo V. Kersting


More information about the Users mailing list