[Openswan Users] hi, does openswan support multiple instances on one server.?
Willie Gillespie
wgillespie+openswan at es2eng.com
Sat May 21 16:20:09 EDT 2011
On 5/21/2011 6:00 AM, Spacelee wrote:
>
>
> On Sat, May 21, 2011 at 6:49 PM, Erich Titl <erich.titl at think.ch
> <mailto:erich.titl at think.ch>> wrote:
>
> Hi
>
> on 21.05.2011 03 <tel:21.05.2011%2003>:02, Spacelee wrote:
> > I see that OpenVPN supports this, so that each instances can
> listen on
> > different ports, so different clients could connect to different
> ports,
> > and each of client uses a unique tunnel.
> > Does OpenSwan support this?
>
> OpenSwan is fundamentally different to OpenVpn as in OpenSwan (IPSEC)
> there is no notion of a 'client'. You could probably call this an
> initiator.
>
> You can define multiple interfaces on a single host and each interface
> can have multiple connections. As most operations are handled in kernel
> space, as opposed to OpenVPN, where most things are done in user space,
> there is typically no need for multiple instances.
>
> What exactly do you want to achieve?
>
>
> for example, I have 2 ip address, and I need staff and manager use
> different ip address.
> 1. 192.168.1.100
> 2. 192.168.1.101
>
> Staff could use only ip1, and manager could only use ip2, and it's
> different tunnel...The two ip addresses are binded to one machine. So I
> think I need to start 2 openswan instances and two xl2tpd instances to
> severs this?
Yes, you could do this, but with a single Openswan instance. Just put
two conns in your config -- one with left=192.168.1.100 and one with
left=192.168.1.101 and set them up as you see fit. However, xl2tpd will
treat them more or less the same I think.
More information about the Users
mailing list