This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPsec interface on additional addresses

Is there still limitation in ASL3.2 that i can't add ipsec interfaces on additional ip addresses of NIC. Like 'interface ipsec4/eth1:1

If this is still impossible i'd like to know why. Is it limitation in ipsec, tcp/ip, linux implementation of tcp/ip, in implementation of ipsec (freeswan) or in astaro itself.

Is this going to ever work. I can't install more physical cards into my firewall because all slots are in use.

This thread was automatically locked due to age.

Parents

Louis-M over 8 years ago

Look how old this thread is......

14 years later, I'm asking the same question. I have a block of 16 IPv4's and was wondering how to select one of those instead of the primary WAN address.

I can't see where to select it for IPsec.
Cancel
Vote Up 0 Vote Down

Cancel
BAlfson over 8 years ago in reply to Louis-M

Not sure why you want the VPN on an Additional Address, but try using a Remote Gateway that is "Respond only" and have the other side aim at your Additional Address instead of the IP of "External (Address)" - any luck with that?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

BAlfson over 8 years ago in reply to Louis-M

Not sure why you want the VPN on an Additional Address, but try using a Remote Gateway that is "Respond only" and have the other side aim at your Additional Address instead of the IP of "External (Address)" - any luck with that?

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data