[Openswan Users] ipsec interfaces share address

Patrick Naubert patrickn at xelerance.com
Fri Jun 21 11:05:15 UTC 2013


Rescued from the Spam bucket.  Please remember to subscribe to the mailing list before posting to it.


From: Adam Jefferiss <adam.jefferiss at gmail.com>
Subject: Re: ipsec interfaces share address
Date: 21 June, 2013 6:08:09 AM EDT
To: users at lists.openswan.org


I've found out what was actually happening after speaking to a couple of people using the machine that was causing problems.

Apparently, they were just restarting ipsec and not xl2tpd as well. After a bit of testing I've only been able to reproduce this when I've got a connection open, then restart ipsec with "/etc/init.d/ispec restart" without first closing down xl2tp. Sorry for the bother, I'll make sure they're restarting both in future.

Cheers,
Adam


On 21 June 2013 08:38, Adam Jefferiss <adam.jefferiss at gmail.com> wrote:
Hi,

I've noticed the following appearing within my logs, when it happens no one can connect until I restart ipsec again; does anyone have any suggests as to the cause or solution?

Jun 20 17:41:13 gateway ipsec_setup: ...Openswan IPsec started
Jun 20 17:41:13 gateway ipsec__plutorun: 002 added connection description "L2TP"way ipsec__plutorun: 003 IP interfaces ppp4 and ppp2 share address 10.44.15.131!
Jun 20 17:29:10 gateway ipsec__plutorun: 003 IP interfaces ppp4 and eth0 share address 10.44.15.131!
Jun 20 17:29:10 gateway ipsec__plutorun: 003 IP interfaces ppp0 and ppp2 share address 10.44.15.131!
Jun 20 17:29:10 gateway ipsec__plutorun: 003 IP interfaces ppp0 and eth0 share address 10.44.15.131!
Jun 20 17:29:10 gateway ipsec__plutorun: 003 IP interfaces ppp2 and eth0 share address 10.44.15.131!
Jun 20 17:29:10 gateway ipsec__plutorun: 003 no public interfaces found

My config currently contians:

version    2.0    # conforms to second version of ipsec.conf specification

# basic configuration
config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    oe=off
    # Which IPsec stack to use: netkey, klips, mast, auto or none
    protostack=klips
    plutostderrlog=/var/log/pluto.log

    nhelpers=0

conn L2TP
    authby=secret
    auto=add
    pfs=no
    type=transport
    rekey=no
    compress=yes
    left=10.44.15.131
    leftnexthop=10.44.15.251
    leftprotoport=17/1701

    right=%any
    rightsubnet=vhost:%no,%priv
    rightprotoport=17/%any
    forceencaps=yes
    dpddelay=40
    dpdtimeout=130
    dpdaction=clear

Thanks,
Adam








-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130621/50ee557e/attachment.html>


More information about the Users mailing list