[strongSwan] interface selection on MOBIKE
Alexis Salinas
alexis.salinas at inmotiontechnology.com
Wed Dec 29 01:10:21 CET 2010
Hi all,
I'm wondering if there a way to tell MOBIKE which interfaces it should consider during path discovery. I have a couple of gateways with multiple WAN links, but they also have some GRE tunnels interfaces, and I would like to tell MOBIKE which links to use (or not to use) out of all the available. (Pluto is also running but the connection is defined for ikev2 and mobike)
[root at GATEWAY1 ~]# ipsec statusall
000 Status of IKEv1 pluto daemon (strongSwan 4.3.5):
000 interface eth0.164/eth0.164 192.168.3.47:4500
000 interface eth0.164/eth0.164 192.168.3.47:500
000 interface lo/lo ::1:500
000 interface lo/lo 127.0.0.1:4500
000 interface lo/lo 127.0.0.1:500
000 interface lo:0/lo:0 192.168.22.206:4500
000 interface lo:0/lo:0 192.168.22.206:500
000 interface br0/br0 172.22.0.1:4500
000 interface br0/br0 172.22.0.1:500
000 interface ppp0/ppp0 10.179.141.133:4500
000 interface ppp0/ppp0 10.179.141.133:500
000 interface tun1/tun1 192.168.40.1:4500
000 interface tun1/tun1 192.168.40.1:500
000 %myid = '%any'
000 loaded plugins: aes des sha1 sha2 md5 random x509 pubkey pkcs1 pgp dnskey pem hmac gmp
000 debug options: none
000
Status of IKEv2 charon daemon (strongSwan 4.3.5):
uptime: 2 hours, since Dec 28 13:49:10 2010
worker threads: 1 idle of 8, job queue load: 0, scheduled events: 4
loaded plugins: aes des sha1 sha2 md5 fips-prf random x509 pubkey pkcs1 pgp dnskey pem xcbc hmac gmp kernel-netlink stroke updown attr resolve
Listening IP addresses:
172.22.0.1
192.168.3.47
10.179.141.133
192.168.40.1
10.4.0.18
Connections:
TO-GATEWAY2: 192.168.3.47...XX.XX.XX.XX, dpddelay=10s
TO-GATEWAY2: local: [GATEWAY1] uses pre-shared key authentication
TO-GATEWAY2: remote: [XX.XX.XX.XX] uses any authentication
TO-GATEWAY2: child: 192.168.22.206/32 === 192.168.4.203/32 , dpdaction=restart
Cheers,
Alexis
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20101228/283d8330/attachment.html>
More information about the Users
mailing list