[Openswan Users] Host-To-Host VPN with multiply interfaces

[Michael Furman]

I need to configure Host-To-Host VPN between 2 servers while on each server I have 2 interfaces. It means that I need to create 2 IPSec channels that connect the same servers. For example on the first server I have the following: 

eth2     inet
addr:85.85.85.66  Bcast:85.85.85.67  Mask:255.255.255.252

 

eth3      inet
addr:85.85.85.70  Bcast:85.85.85.71  Mask:255.255.255.252

 And on the second server I have the following: 

eth2     inet
addr:85.85.85.68  Bcast:85.85.85.69  Mask:255.255.255.252

 

eth3      inet
addr:85.85.85.72  Bcast:85.85.85.73  Mask:255.255.255.252 I do not have problem with left and right IP configuration since each eth interface has its own IP. My question how to configure leftrsasigkey and rightrsasigkey. Is it possible to create more than one certificate using “ipsec newhostkey” command? Or is it possible to use multiple NSS databases on the same server? If yes, how can I configure path to NSS database in /etc/ipsec.d/my_host-to-host.conf? Any help will be appreciated. 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20160427/fe179027/attachment-0001.html>