[Openswan Users] openswan uses wrong external IP

Paul Wouters paul at xelerance.com
Thu Jun 23 12:00:59 EDT 2011


On Wed, 22 Jun 2011, Elvar wrote:

> I have multiple external IP aliases being used on eth0 and for some
> reason when I restart my ubuntu firewall box openswan often defaults to
> eth0:1 instead of just eth0. Below shows an example of what I am
> referring to..
>
> service ipsec restart
> ipsec_setup: Stopping Openswan IPsec...
> ipsec_setup: Starting Openswan IPsec U2.6.23/K2.6.32-29-server...
> ipsec_setup: multiple ip addresses, using  192.168.0.226 on eth0
>
>
> .226 is eth0:1 whereas .225 is eth0. How do I force Openswan to bind to
> a specific IP address on eth0? When it defaults to eth0:1 my ipsec
> tunnels do not work.

If you really want this, and normally you don't because openswan binds to *
and then figures out what ip to use based on ipsec policy, you can force
things with listen= in ipsec.conf's "config setup" section.

Paul


More information about the Users mailing list