It can only be set with the charon.interfaces_use and charon.interfaces_ignore settings in strongswan.conf. You need to read the man page that corresponds to your software. The one you linked is for openswan, which doesn't share any code with strongSwan. It even says so in the text.
On 02.05.2017 01:13, Piyush Agarwal wrote: > Hi, > I am using strongswan 5.1.2 on Ubuntu 14.04 and I need to specify the IP > address on which to listen on. I found some ipsec.conf manpages > (https://linux.die.net/man/5/ipsec.conf) which suggest a config item > "listen", but strongswan 5.1.2 at least doesn't seem to have this option. > > Is there not a way to specify the listen IP address? In my case, this IP > address is actually on the loopback interface. As long as I can specify the > listen interface, I should be fine. > > config setup > * listen=10.100.0.5* > > conn %default > ikelifetime=60m > keylife=20m > rekeymargin=3m > keyingtries=1 > keyexchange=ikev2 > authby=rsasig > > conn 10.10.10.8 > type=transport > left=10.100.0.5 > leftcert=left.cert > leftsendcert=always > rightcert=right.cert > right=10.10.10.8 > auto=start > > */etc/ipsec.conf:7: unknown keyword 'listen' [10.100.0.5]* > *unable to start strongSwan -- fatal errors in config* > > > -- > Piyush Agarwal > Life can only be understood backwards; but it must be lived forwards. > > > > _______________________________________________ > Users mailing list > Users@lists.strongswan.org > https://lists.strongswan.org/mailman/listinfo/users
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
