On Mon, Oct 15, 2018 at 5:09 PM Johan Hattne <[email protected]> wrote: > Not sure I’m understanding your question, but is this not > application-dependent? So for an internal interface mec0 and ssh, you could, > > $ ssh -B mec0 [email protected] > > and for ping, > > $ ping -I mec0 example.com
The addresses in question are aliases of the same interface. For example em1 might be configured with the following addresses: 50.79.22.41 50.79.22.42 50.79.22.43 50.79.22.44 50.79.22.45 I'm using different addresses on the same interface for different things. In this example I have the ipsec vpn listening on 50.79.22.45 and a similar setup on the other end - the non default address is the listening address. Internal systems are working fine between the two subnets, but the OpenBSD firewall itself (if I ping from it, for example) uses the default address of 50.79.22.41 instead of 50.79.22.45 when attempting to connect to the remote network and therefore is not successful. I'm fairly certain if there's a way to configure the firewall to send using the chosen alias address instead of the default address it would work properly. Thanks, Chris
