[Openswan Users] Securing dual-stack IPv4-IPv6?
patrickn at xelerance.com
Mon May 27 00:38:34 UTC 2013
Rescued from the spam bucket. Please remember to subscribe to the mailing list before posting to it.
From: Kevin Keane - The NetTech <kkeane at 4nettech.com>
Subject: Securing dual-stack IPv4-IPv6?
Date: 26 May, 2013 7:57:39 PM EDT
To: users at lists.openswan.org <users at lists.openswan.org>
I'm trying to figure out how to use IPsec with dual-stack IPv4/IPv6 connections. For some reason, on my system, only either IPv4 or IPv6, but not both, will have IPsec enabled.
This is on Centos 6.4, openswan-2.6.32-20.el6_4.x86_64
I'm using transport mode,
One clue I have is that the remote side says that it can't install the eroute for IPv6 because it is already in use for IPv4:
May 26 16:15:19 remote pluto: "myfqdn-6": cannot install eroute -- it is in use for "myfqdn-4" #0
(I think it is random chance whether the error occurs for the IPv6 or IPv4 connection).
I am using the following ipsec.conf:
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users