-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sandro Doro wrote: > Hi, > > I am testing Bering 2.3.1 with a multiple IP interface as: > > # ip addr show eth0 > 5: eth0: <BROADCAST,MULTICAST,ALLMULTI,UP> mtu 1500 qdisc pfifo_fast qlen > 1000 > link/ether fe:fd:58:24:f8:e6 brd ff:ff:ff:ff:ff:ff > inet 82.46.148.130/24 brd 82.46.148.255 scope global eth0 > inet 82.46.148.128/24 scope global secondary eth0 > inet6 fe80::fcfd:58ff:fe24:f8e6/64 scope link > > Using the included ipsec.lrp (v.1.0.9) I setup VPN with: > > # /etc/ipsec.conf > [...] > interfaces="ipsec0=eth0 ipsec1=eth0:0" > [...] > > After "/etc/init.d/ipsec restart" the following messages is printed: > > Device "eth0:0" does not exist. > ipsec_setup: unable to determine address of `eth0:0' > > This messages is printed also if I change the ip address with the > following command: > > ip addr add 82.46.148.128/24 dev eth0 label eth0:0 > > I have read in > > http://www.freeswan.ca/docs/HA/HA_VPNS_With_FreeSWAN.html > > that this interface specification is correct. This is possible > only in v2 release (Bering v2.4) ? > > Thank you for any suggestions.
I haven't tried this with FreeS/WAN, but I suspect your problem is you don't have an eth0:0. You *DO* have a secondary IP address on your external interface, but it has no "name" (linux hasn't required the eth<n>:<m> syntax since at least 2.2). Try removing the secondary IP, re-adding it with an appropriate label then starting freeswan: ip addr del 82.46.148.128/24 dev eth0 ip addr add 82.46.148.128/24 label eth0:0 dev eth0 svi ipsec start ...if that works, you'll need to change how you're adding the IP alias in your startup scripts. - -- Charles Steinkuehler [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFD7LMYLywbqEHdNFwRAugOAJ9ySUIKShtjxak6/YBdOhXEvwNIMwCeLvg3 rd55FxcC8wzl6N+/BWa4368= =3irC -----END PGP SIGNATURE----- ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
