[strongSwan] Issue with changing IP address in strongSwan containers

Karan Sharma karan2189 at gmail.com
Fri Jan 13 18:26:44 CET 2017


I am currently working on an implementation where i need to create IPSEC
IKEV2 connection from strongSwan containers. I am able to set it up
properly and its working from within the containers where the container is
acting as VPN client and Cisco ASA acting as headend. It uses venet0:0 as
client IP address in the VPN tunnel and i can see it on the headend.
Additionally, i have removed iptables feature because i want the headend to
see container IP addresses in the tunnel. All well upto this point.

Problem starts appearing when i change IP address of the container venet0:0
interface to any other IP address in the same subnet. Moment thats done,
entire communication fails and container even stops pinging the base os
(CT0) IP address. I am trying to figure out the way to come out of the
situation but haven been able to do so. Is it so difficult to change the
container IP address from within the container ?

Any help is appreciated

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170113/f037d77f/attachment.html>

More information about the Users mailing list