[Openswan Users] hi, does openswan support multiple instances on one server.?

Willie Gillespie wgillespie+openswan at es2eng.com
Sat May 21 16:20:09 EDT 2011

On 5/21/2011 6:00 AM, Spacelee wrote:
> On Sat, May 21, 2011 at 6:49 PM, Erich Titl <erich.titl at think.ch> wrote:
>     Hi
>     on 21.05.2011 03:02, Spacelee wrote:
>      > I see that OpenVPN supports this, so that each instance can listen on
>      > different ports, so different clients could connect to different ports,
>      > and each client uses a unique tunnel.
>      > Does OpenSwan support this?
>     OpenSwan is fundamentally different to OpenVpn as in OpenSwan (IPSEC)
>     there is no notion of a 'client'. You could probably call this an
>     initiator.
>     You can define multiple interfaces on a single host and each interface
>     can have multiple connections. As most operations are handled in kernel
>     space, as opposed to OpenVPN, where most things are done in user space,
>     there is typically no need for multiple instances.
>     What exactly do you want to achieve?
> For example, I have 2 IP addresses, and I need staff and manager to use
> different IP addresses.
> 1.
> 2.
> Staff could use only ip1, and manager could only use ip2, and it's a
> different tunnel... The two IP addresses are bound to one machine. So I
> think I need to start 2 openswan instances and two xl2tpd instances to
> serve this?

Yes, you could do this, but with a single Openswan instance.  Just put 
two conns in your config -- one with left= and one with 
left= and set them up as you see fit.  However, xl2tpd will 
treat them more or less the same I think.
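
A sketch of the two-conn layout suggested in the reply above, as an added example that is not part of the original message. It assumes an L2TP/IPsec setup in transport mode with pre-shared keys; the conn names are hypothetical and the addresses are placeholders from the 192.0.2.0/24 documentation range.

```conf
# /etc/ipsec.conf fragment (added example, not from the original thread)
# One pluto instance, two conns, each bound to a different local address.

# Shared settings. This section has no auto= line, so it is never
# loaded on its own; it is only pulled in through also=.
conn l2tp-common
    authby=secret
    type=transport
    pfs=no
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/%any

# Staff connect to the first local address (placeholder).
conn l2tp-staff
    also=l2tp-common
    left=192.0.2.10
    auto=add

# Managers connect to the second local address (placeholder).
conn l2tp-manager
    also=l2tp-common
    left=192.0.2.11
    auto=add

# To keep the two groups on separate credentials, /etc/ipsec.secrets
# can index the PSK by local address (values are placeholders):
#   192.0.2.10 %any : PSK "staff-psk-placeholder"
#   192.0.2.11 %any : PSK "manager-psk-placeholder"
```

Binding each conn to its own `left=` separates the IPsec side only; as the reply notes, xl2tpd sits behind both conns, so any staff/manager distinction at the L2TP or PPP layer has to be enforced there or in the firewall.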
