[Openswan Users] Problems using openswan and KLIPS on alias interface

[Diogo V. kersting]

Thanks for your answer. That did not solve the problem:
Here is what I used:

# ipsec --version
Linux Openswan 2.6.33 (klips)

# uname -r
2.6.38-xeon

# ifconfig eth0
eth0       Encapsulamento do Link: Ethernet  Endereço de HW 00:16:3E:71:03:03
          inet end.: 192.168.10.230  Bcast:192.168.10.255  Masc:255.255.255.0

# ifconfig eth0:4
eth0:4     Encapsulamento do Link: Ethernet  Endereço de HW 00:16:3E:71:03:03
          inet end.: 192.168.15.1  Bcast:192.168.15.255  Masc:255.255.255.0

###ipsec.conf###

version 2.0

config setup
        interfaces="ipsec0=eth0 ipsec1=eth0:4"
        protostack=klips

conn vpn1
   authby=secret
   auto=add
   type=tunnel
   left=192.168.10.230
   right=192.168.10.70

conn vpn2
   authby=secret
   auto=add
   type=tunnel
   left=192.168.15.1
   right=192.168.15.70

###end ipsec.conf###

# ipsec auto --up vpn1
104 "vpn1" #1: STATE_MAIN_I1: initiate
003 "vpn1" #1: received Vendor ID payload [Openswan (this version) 2.6.33 ]
003 "vpn1" #1: received Vendor ID payload [Dead Peer Detection]
106 "vpn1" #1: STATE_MAIN_I2: sent MI2, expecting MR2
108 "vpn1" #1: STATE_MAIN_I3: sent MI3, expecting MR3
003 "vpn1" #1: received Vendor ID payload [CAN-IKEv2]
004 "vpn1" #1: STATE_MAIN_I4: ISAKMP SA established
{auth=OAKLEY_PRESHARED_KEY cipher=aes_128 prf=oakley_sha
group=modp2048}
117 "vpn1" #2: STATE_QUICK_I1: initiate
004 "vpn1" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel
mode {ESP=>0xdcbbb294 <0x0ee2a930 xfrm=AES_128-HMAC_SHA1 NATOA=none
NATD=none DPD=none}

// vpn1 works!

root at desenv1:/usr/local/ipsec/etc# $IPSEC auto --down vpn1
root at desenv1:/usr/local/ipsec/etc# $IPSEC auto --up vpn2
022 "vpn2": We cannot identify ourselves with either end of this connection.

// vpn2 doesn't.


Any suggestions?
--
Diogo V. Kersting - Epidemus LTDA