[strongSwan] Trying to work out why connection not being established from AWS

Simon Deziel simon.deziel at gmail.com
Fri Sep 22 20:20:41 CEST 2017


On 2017-09-22 02:13 PM, Whit Blauvelt wrote:
>> Linux aliases are a deprecated concept. Bind the IP to any local
>> interface. Preferably one that can not go down. You can just add it.
>> Anyway, charon needs to listen on the IP to be able to send packets from
>> it.
> 
> I use the word "alias" incorrectly then. It is bound:
> 
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
>     inet 127.0.0.1/8 scope host lo
>        valid_lft forever preferred_lft forever
>     inet 54.69.126.245/32 scope global lo
>        valid_lft forever preferred_lft forever

Is that really needed? AFAIK, having left=%any and leftid=$EIP did the
trick on AWS.

Regards,
Simon

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170922/a172484d/attachment.sig>


More information about the Users mailing list