Hi, Just wanted to add that the IP that's not "usable" is found prior to that judgment by pluto:
Sep 11 09:54:20 nyfw1 pluto[9960]: adding interface enp2s0f1/enp2s0f1 <public IP>:500 Sep 11 09:54:20 nyfw1 pluto[9960]: adding interface enp2s0f1/enp2s0f1 <public IP>:4500 Again looking between the older Openswan system which is similarly using a public IP which is one of many on a WAN interface without complaint, and this Libreswan system where pluto thinks it's not "usable," I see no significant difference. In both cases, it's an IP from the middle of the range on the interface. Googling I find this error message goes back over a decade. But I can't find an instance yet where there's a solution that corresponds to my circumstance. Pluto sees the interface; it sees the public IP on it; it's a good public IP; it can even receive the IPsec initialization request from the AWS end (which, unlike this one, is behind a NAT). So it looks very much like pluto should accept the IP, not refuse to run with it based on unstated criteria. At the very least, it should throw an error message which gives the reason for its judgment. "man pluto" gives no definition of a "usable" IP. Is there one somewhere? Thanks, Whit _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
