On 24 April 2014 12:12, Philipp <e1c1bac6253dc54a1e89ddc046585...@posteo.net> wrote: > Am 22.04.2014 17:28 schrieb Mike Belopuhov: > >> more like it's not supported and is not supposed to work. > > not supposed as in 'not wanted'? >
not supposed. > >> it's like running nginx and apache at the same time but > > Quite frankly: I'm doing that in some locations ;-) > not on the same port (80) though. ikev2 and isakmp both use same udp ports (500 and 4500). > >> worse since there are kernel tentacles involved as well >> (as you might have figured out already) that will likely > > That's somehow the main problem, the two daemons are not > trying to "share" the pfkey2 ioctls outcome. i don't see it like that. > So, I can wait til iked supports ikev1, too. there are no current plans to implement ikev1 support that i'm aware of. > Using a different machine will be quite painful at the moment. > Rock+hard place. > > >> prevent you from doing that on the same box but different >> ip addresses. > > Nevertheless I'd say that a Listen-on style directive for iked > would a useful thing[tm], e.g. to default the srcid to that. > perhaps. currently i believe srcid will default to "local" if specified. > Cheers. >