[strongSwan] what's the expression of a range of address?
Rayson Zhu
vfreex at gmail.com
Thu Feb 25 07:47:58 CET 2016
You can use a firewall rule rather than narrow your tunnel for this
scenario.
But, users can change their IP addresses manually to bypass your
restriction if you didn't bind their MAC addresses/ports to their IP
addresses.
On Thu, Feb 25, 2016 at 12:03 PM, Tony.He 賀雙鳳 <Tony.He at deltaww.com.cn>
wrote:
> Hi,
>
>
>
> Here is the topology.
>
> local subnet 192.168.1.0/24 -GW A ---Internet----GW B – local
> subnet 192.168.2.0/24.
>
> I want to only allow hosts whose IP addresses in a range to be part
> of the tunnel. For example, 192.168.1.2-192.168.1.8 are allowed
>
> in site A and 192.168.2.3-192.168.2.11 are allowed in site B. Can
> anyone tell me how to configure? Thanks in advance.
>
>
>
> Best regards
>
> Tony
>
>
>
> *************************************************************************
> This email message, including any attachments, is for the sole
> use of the intended recipient(s) and may contain confidential and
> privileged information. Any unauthorized review, use, disclosure or
> distribution is prohibited. If you are not the intended recipient, please
> contact the sender by reply e-mail and destroy all copies of the original
> message. [Delta Electronics, INC. China]
> *************************************************************************
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160225/5b158b57/attachment.html>
More information about the Users
mailing list