Am 22.04.2014 17:28 schrieb Mike Belopuhov:
more like it's not supported and is not supposed to work.
not supposed as in 'not wanted'?

it's like running nginx and apache at the same time but
Quite frankly: I'm doing that in some locations ;-)

worse since there are kernel tentacles involved as well
(as you might have figured out already) that will likely
That's somehow the main problem, the two daemons are not
trying to "share" the pfkey2 ioctls outcome. So, I can wait til iked supports ikev1, too. Using a different machine will be quite painful at the moment. Rock+hard place.

prevent you from doing that on the same box but different
ip addresses.
Nevertheless I'd say that a Listen-on style directive for iked
would a useful thing[tm], e.g. to default the srcid to that.


Reply via email to