<html><head><meta http-equiv="Content-Type" content="text/html charset=iso-8859-1"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Hi<div><br></div><div>leftid and righted is something else. </div><div>What I'm trying to say is to have 2 different password for two different tunnels but with the same peers.</div><div><br></div><div>Lets say I have two tunnels.</div><div><br></div><div><div>conn net1</div><div> ike=aes256-md5-modp1024!</div><div> esp=aes256-md5!</div><div> left=192.168.1.1</div><div> right=192.168.9.1</div><div> leftsubnet=123.123.123.0/27</div><div> rightsubnet=111.111.111.0/32</div><div> auto=route</div><div><br></div><div>conn net2</div><div> ike=aes256-sha1-modp1024!</div><div> esp=aes256-sha1!</div><div> left=192.168.1.1</div><div><div> right=192.168.9.1</div></div><div> leftsubnet=124.124.124.0/32</div><div> rightsubnet=2.2.2.2/32</div><div> auto=route</div></div><div><br></div><div>So I have the same peers but different tunnels. How I can setup my ipsec.secret for them if I need to put there peers and PSK ?</div><div><br></div><div>I should be something like:</div><div>192.168.1.1 192.168.9.1 : PSK "password1" # this should be with leftsubnets 123.123.123.0/27</div><div><div>192.168.1.1 192.168.9.1 : PSK "password2" # this should be with leftsubnets 124.124.124.0/32</div></div><div><br></div><div><br></div><div>Thanks,</div><div>Pawel</div><div><br></div><div><div><div>On 9 Nov 2013, at 06:09, Ali Masoudi <<a href="mailto:masoudi1983@gmail.com">masoudi1983@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><div dir="ltr"><div>Hi</div><div><br></div>I think it is possible. you can use different pairs of leftid/rightid.<div><br></div><div>Best wishes</div></div><div class="gmail_extra"><br><br><div class="gmail_quote">On Fri, Nov 8, 2013 at 5:00 PM, Pawel Grzesik <span dir="ltr"><<a href="mailto:pawel.grzesik@brainstorm.co.uk" target="_blank">pawel.grzesik@brainstorm.co.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Hi All,<br>
<br>
Just a quick question. Is it possible to have at the ipsec.secret two difference PSK for the same peers but difference tunnels ?<br>
<br>
For example<br>
PEER_ME PEER_EXTERNAL : PSK "test1"<br>
PEER_ME PEER_EXTERNAL : PSK "test2"<br>
<br>
I have the same PEER_ME and also PEER_EXTERNAL are also the same IP. The difference is just a PSK and the tunnels. I'm sure it's possible at the cisco, but what about my site witch is on StrongSwan? Anyone?<br>
<br>
Thanks,<br>
Pawel<br>
_______________________________________________<br>
Users mailing list<br>
<a href="mailto:Users@lists.strongswan.org">Users@lists.strongswan.org</a><br>
<a href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
</blockquote></div><br></div>
_______________________________________________<br>Users mailing list<br><a href="mailto:Users@lists.strongswan.org">Users@lists.strongswan.org</a><br>https://lists.strongswan.org/mailman/listinfo/users</blockquote></div><br></div></body></html>