[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-users
Subject: Re: [Openswan Users] Ending IPsec tunnels on different NIC aliases
From: Paul Wouters <paul () xelerance ! com>
Date: 2004-12-20 21:25:07
Message-ID: Pine.LNX.4.61.0412202223020.11952 () expansionpack ! xtdnet ! nl
[Download RAW message or body]
On Mon, 20 Dec 2004, Benoit wrote:
> But on some of the servers, I have alias network interface (eth0:0) beside the standard eth0. The
> tunnels are correctly setup and are working for the eth0 interface, but when a tunnel is
> established on the eth0, it is no more possible to add a new tunnel on the eth0:0 interface.
> The error I get from Pluto is "cannot route - route already in use for connection "<name of my
> tunnel to eth0>".
Are you using KLIPS or NETKEY?
> First of all, is it possible to do what I'm trying to do ? Having tunnel ending on the eth0:0
> interface alone is possible, but when I try to make a tunnel on the eth0 or eth0:0 together, the
> eth0:0 doesn't work anymore.
I have personally only done this with KLIPS, and it works. I have not tried
it with NETKEY, because my setup uses Opportunistic Encryptio, which is
not supported with NETKEY.
Can you put the output of 'ipsec barf' somewhere on a website and post the
url?
> Me config is as follow (on the server with eth0 and eth0:0):
>
> version 2.0
> config setup
> interfaces="ipsec0=eth0 ipsec1=eth0:0"
This interfaces line won't do anything when using NETKEY (the 2.6 stack)
Paul
_______________________________________________
Users mailing list
Users@openswan.org
http://lists.openswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic