[Swan] libreswan 3.9+klips not listen on multiple secondary address

Paul Wouters paul at nohats.ca
Wed Jul 16 20:47:32 EEST 2014


On Wed, 16 Jul 2014, csszep wrote:
> Subject: Re: [Swan] libreswan 3.9+klips not listen on multiple secondary

> It does not work on Debian 7.

> config setup
>        protostack=klips
>        interfaces="ipsec0=eth0:0"

So you want klips....

>

> Jul 16 18:04:38 debian7vm pluto[4348]: Starting Pluto (Libreswan
> Version 3.9 XFRM(netkey) KLIPS NSS DNSSEC LIBCAP_NG XAUTH_PAM
> NETWORKMANAGER KLIPS_MAST CURL(non-NSS) LDAP(non-NSS)) pid:4348

But it started with NETKEY. So you have no ipsecX interfaces and the
interfaces= line is completely ignored.

You need to build the KLIPS module for your currently running kernel.

Paul


More information about the Swan mailing list