Hello,
The problem: the box has 2 NICs with 2 different IP addresses. I have racoon running in tunnel mode using IPsec (or at least I hope it is) on eth0. When started, racoon listens on eth0 port 500. I configured OpenSwan to run on eth1 (roadwarrior server). Unfortunately, when started, OpenSwan starts to listen on localhost, eth0 and eth1 port 500, so racoon dies. When trying to restart racoon, it says "address already in use". I truly believe there is a way to forbid OpenSwan from taking all 3 addresses. Both eth0 and eth1 have external addresses.
Any suggestions are welcome.
My ipsec.conf:
Code:
# Parameter lines in ipsec.conf must be indented: a line starting in
# column 0 is parsed as the start of a new section.
config setup
        nat_traversal=no
        nhelpers=0
        interfaces="ipsec0=eth1"
        klipsdebug=none
        plutodebug=none
        # overridemtu=1410
        # Private ranges a roadwarrior may claim as its inner address; the
        # local 192.168.1.0/24 is excluded so it cannot be hijacked.
        virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24
# Add connections here
conn %default
        keyingtries=3
        compress=no
        disablearrivalcheck=no
        keyexchange=ike
        ikelifetime=240m
        keylife=60m
conn roadwarrior-net
        leftsubnet=192.168.1.0/24
        also=roadwarrior
conn roadwarrior-all
        leftsubnet=0.0.0.0/0
        also=roadwarrior
conn roadwarrior-l2tp
        leftprotoport=17/0
        rightprotoport=17/1701
        also=roadwarrior
conn roadwarrior-l2tp-updatedwin
        leftprotoport=17/1701
        rightprotoport=17/1701
        also=roadwarrior
conn roadwarrior
        authby=secret
        pfs=no
        type=tunnel
        left=my_eth1_ip
        right=%any
        rightsubnet=vhost:%no,%priv
        auto=add
# sample VPN connections, see /etc/ipsec.d/examples/
# Disable Opportunistic Encryption
include /etc/ipsec/ipsec.d/examples/no_oe.conf
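Added example, not part of the original post: Openswan's config setup section has a listen= option that makes pluto bind only the given address (the Openswan/Libreswan ipsec.conf(5) man page describes it as accepting a single IP address and as meant for testing). With the NETKEY stack, interfaces= does not restrict which addresses pluto binds to, which is consistent with UDP/500 being taken on lo, eth0 and eth1 as described above. The setup section below is a sketch built from the poster's own settings; 192.0.2.2 is a placeholder for the eth1 address, not a value from the post.

```conf
# Assumed sketch of config setup for Openswan 2.6.x; replace 192.0.2.2
# with the real eth1 address. Only pluto's listening address changes.
config setup
        # Bind pluto to the eth1 address only, leaving UDP/500 on eth0
        # free for racoon. Requires a full "ipsec restart" to take effect.
        listen=192.0.2.2
        interfaces="ipsec0=eth1"
        nat_traversal=no
        nhelpers=0
        klipsdebug=none
        plutodebug=none
        virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24
```

After restarting Openswan, check which daemon holds each UDP/500 socket with "ss -ulnp" (or "netstat -ulnp" on older systems) before starting racoon; racoon itself can be pinned to eth0 with a listen { isakmp <eth0 address> [500]; } block in racoon.conf so the two daemons never compete for the same address again.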