I think I tried that... Here's what I did:
# ifconfig eth0:0 10.4.1.1 netmask 255.255.255.0 broadcast 10.4.1.255
Here's my ipsec.conf file:
config setup
interfaces="ipsec0=eth0:0"
manualstart=connection
conn connection
left=10.4.1.1
right=10.4.1.65
esp=3des-md5-96
spi=0x........
espenckey=0x.....................
espauthkey=0x.....................
#ifconfig
eth0 Link encap:Ethernet HWaddr....
inet addr:10.4.1.2 Bcast:10.4.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
eth0:0 Link encap:Ethernet HWaddr....
inet addr:10.4.1.1 Bcast:10.4.1.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
ipsec0: Link encap:Ethernet HWaddr....
inet addr:10.4.1.1 Bcast:10.4.1.255 Mask:255.255.255.0
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
UP LOOPBACK RUNNING MTU:16436 Metric:1
It looks though that the FreeS/WAN application treats eth0 and eth0:0 the same.
Is there anything else I should do?
AH
--- "Bantoft, Ken" <kbantoft_at_mdsp.com> wrote:
>
>
> You can do everything you mentioned... But you'll probably need to look at
> iproute2 + policy routing to sort out the routing. The Linux Advanced
> Routing HowTo is a good start. Essentially, you'll see to put a few rules
> in place to send stuff back out the correct interface that it came in,
> instead of the default.
>
>
> As for your second question, FreeS/Wan supports IP aliases as well (eg:
> eth0:0). I use this myself - just change the interfaces= statement in
> /etc/ipsec.conf to something like interfaces="ipsec0=eth0:0"
>
> Ken
> kbantoft_at_mdsp.com
>
>
>
> > -----Original Message-----
> > From: Adrian Horton [mailto:adhort02_at_yahoo.com]
> > Sent: Thursday, April 04, 2002 9:05 AM
> > To: Nate Carlson
> > Cc: users_at_lists.freeswan.org
> > Subject: Re: [Users] FreeS/WAN and Network Aliasing (a.k.a.
> > virtual IP)
> >
> >
> > I want the server to emulate two different IP addresses. One
> > is to have
> > FreeS/Wan running. The other virtual IP address is for an SSL
> > web site.
> >
> > This is for testing. Can I use FreeS/WAN on a Linux server
> > using a virtual IP
> > address?
> >
> > Thanks,
> >
> > AH
> >
> > --- Nate Carlson <natecars+freeswan_at_natecarlson.com> wrote:
> > > On Wed, 3 Apr 2002, Adrian Horton wrote:
> > > > I have a server running FreeS/WAN-1.96. The server
> > (Redhat 7.1) has
> > > > one ethernet interface but I need some traffic coming to
> > the server to
> > > > be cleartext. Can I set up a virtual IP address for the
> > server so that
> > > > FreeS/WAN runs on one IP address but not on the other?
> > > >
> > > > I tried "ifconfig eth0:1 10.X.Y.X netmask 255.255.255.255
> > broadcast
> > > > 10.X.Y.X" which works only in cleartext. When IPSec is
> > turned on the
> > > > eth0 interface tries to encrypt the data.
> > >
> > > Are you saying that you'd like a FreeS/WAN box to talk to a
> > remote host
> > > both in clear text and in encrypted?
> > >
> > > I suppose it'd be possibly, using Linux advanced routing
> > and such.. but it
> > > wouldn't be easy.
> > >
> > > If you want to talk to one host in encrypted, and one host
> > in clear text,
> > > well, that's the default way it works. :)
> > >
> > > (In other words -- we need more info.)
> > >
> > >
> > ----------------------------------------------------------------------
> > > | nate carlson |
> > natecars_at_natecarlson.com |
> > > | brainbench mvp for linux admin --
> > http://www.brainbench.com |
> > > | Depriving some poor
> > village of it's idiot since 1981 |
> > >
> > ----------------------------------------------------------------------
> > >
> >
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Yahoo! Tax Center - online filing with TurboTax
> > http://taxes.yahoo.com/
> > _______________________________________________
> > Users mailing list
> > Users_at_lists.freeswan.org
> > http://lists.freeswan.org/mailman/listinfo/users
> >
>
__________________________________________________
Do You Yahoo!?
Yahoo! Tax Center - online filing with TurboTax
http://taxes.yahoo.com/
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:48 CEST