> On Friday, April 24, 2015 10:17 AM, Stuart Henderson <[email protected]> > wrote: > > On 2015-04-24, Yassen Damyanov <[email protected]> wrote: >> Stuart, thanks much for your help. >> >> How about running on different ports, maybe different enc interface, on the >> same machine? > > This came up before: > http://thread.gmane.org/gmane.os.openbsd.tech/35967/focus=35967 > > Sadly this is not currently possible, firstly the port numbers are > defined by the protocol and can't be changed (different IPs could > theoretically work, but would need code changes as iked doesn't support > binding to a specific address) but secondly, iked clears SAs from the > kernel so any existing isakmpd sessions get broken
Well, I see ... no way :) (Thanks again for saving me hours or days to discover that by trial and error.) Cheers,Y.
