On Thu, 4 Dec 2014, Darren Share wrote:
Can you elaborate? The only use of "elastic IP" I'm aware of is regarding AWS, is that what you mean? I am using a VPS on DigitalOcean for this project if that helps.
Normally in AWS, you get a "static" elastic IP assigned. This public IP is NAT'ed to your virtual machine. But your virtual machine only has RFC1918 addresses configured on it. Because the AWS NAT router will NAT it to your static elastic IP. Now when you do a VPN in tunnel mode, the packet you are sending needs to be "from" your public IP. But you don't have it configured on your virtual machine itself. So you cannot create a source packet with that IP. The usual solution is to configure it as an alias on the loopback or ethernet interface. See: https://libreswan.org/wiki/Interoperability#Amazon_EC2 Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
