Hi, is there a way to bind iked to carp ip address? I've tried with 'local <carp.ip.ali.as>' but it still binds to all addresses:
Proto Recv-Q Send-Q Local Address Foreign Address (state) udp 0 0 *.ipsec-na *.* udp 0 0 *.isakmp *.* When client tries to connect to carp ip, iked responds with source address of physical interface. I have a pair of carp firewalls which are giving my users the ability to connect over pptp (npppd) and openvpn - both of those listen on one of carp ip aliases. Failover is not graceful but it is good enough. I wanted to add ikev2 to the mix, but I'd like to keep it on the same (carp) ip address as the other two vpn services. Is this possible? Thank you in advance, -- Marko Cupać https://www.mimar.rs/
