<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi,<br>
<br>
Would you like to explain it in details?<br>
You mean that we should set VPN as default gateway?<br>
<br>
Thanks a lot.<br>
Zhu Yanjun<br>
On 05/06/2015 02:44 PM, Bernhard Marx wrote:<br>
</div>
<blockquote
cite="mid:CANg3f_7MqZE16VG__F+Fg9g9TpYUaNr3iSGJxpR_eRxOq5j5zA@mail.gmail.com"
type="cite">
<div dir="ltr">Hi all,
<div><br>
</div>
<div>for my issue I could resolve it with adding a routing rule
to all clients, because the VPN is not the default gateway for
<a moz-do-not-send="true" href="http://192.168.120.0/24">192.168.120.0/24</a>
network...</div>
<div><br>
</div>
<div>Bernhard</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">2015-05-05 5:12 GMT+02:00 zhuyj <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:mounter625@163.com" target="_blank">mounter625@163.com</a>></span>:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Hi, Noel<br>
<br>
This is the output of forwarding on sun:<span class=""><br>
<br>
root@strongswan2:~# cat /proc/sys/net/ipv4/ip_forward<br>
1<br>
</span>
root@strongswan2:~# cat /proc/sys/net/ipv4/conf/<br>
all/ default/ eth0/ eth1/ eth2/ lo/<br>
root@strongswan2:~# cat
/proc/sys/net/ipv4/conf/all/forwarding<br>
1<br>
root@strongswan2:~# cat
/proc/sys/net/ipv4/conf/default/forwarding<br>
1<br>
root@strongswan2:~# cat
/proc/sys/net/ipv4/conf/eth0/forwarding<br>
1<br>
root@strongswan2:~# cat
/proc/sys/net/ipv4/conf/eth1/forwarding<br>
1<br>
root@strongswan2:~# cat
/proc/sys/net/ipv4/conf/eth2/forwarding<br>
1<br>
<br>
When I run "ping 10.2.0.1" on moon, I run "ipsec statusall"
on sun<br>
<br>
On moon:<br>
<br>
root@strongswan1:~# ping 10.2.0.1<span class=""><br>
PING 10.2.0.1 (10.2.0.1) 56(84) bytes of data.<br>
</span>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=1 ttl=64 time=0.410 ms<br>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=2 ttl=64 time=0.285 ms<br>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=3 ttl=64 time=0.338 ms<br>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=4 ttl=64 time=0.373 ms<br>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=5 ttl=64 time=0.300 ms<br>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=6 ttl=64 time=0.424 ms<br>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=7 ttl=64 time=3.11 ms<br>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=8 ttl=64 time=0.422 ms<br>
64 bytes from <a moz-do-not-send="true"
href="http://10.2.0.1" target="_blank">10.2.0.1</a>:
icmp_seq=9 ttl=64 time=2.88 ms<br>
^C<span class=""><br>
--- 10.2.0.1 ping statistics ---<br>
</span>
9 packets transmitted, 9 received, 0% packet loss, time
7998ms<br>
rtt min/avg/max/mdev = 0.285/0.950/3.115/1.098 ms<br>
<br>
On Sun<br>
<br>
root@strongswan2:~# ipsec statusall<br>
Status of IKE charon daemon (strongSwan 5.1.2, Linux
3.19.0-15-generic, x86_64):<br>
uptime: 19 minutes, since May 05 10:36:17 2015<br>
malloc: sbrk 1486848, mmap 0, used 353968, free 1132880<br>
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue:
0/0/0/0, scheduled: 2<br>
loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4
md5 random nonce x509 revocation constraints pkcs1 pkcs7
pkcs8 pkcs12 pem openssl xcbc cmac hmac ctr ccm gcm attr
kernel-netlink resolve socket-default stroke updown
eap-identity addrblock<br>
Listening IP addresses:<br>
128.224.162.165<br>
11:2233:4455:6677:20c:29ff:fe70:bf88<br>
192.168.0.2<br>
11:2233:4455:6677:20c:29ff:fe70:bf92<br>
10.2.0.1<br>
11:2233:4455:6677:20c:29ff:fe70:bf9c<br>
Connections:<br>
net-net: 192.168.0.2...192.168.0.1 IKEv1<br>
net-net: local: [<a moz-do-not-send="true"
href="http://sun.strongswan.org" target="_blank">sun.strongswan.org</a>]
uses pre-shared key authentication<br>
net-net: remote: [<a moz-do-not-send="true"
href="http://moon.strongswan.org" target="_blank">moon.strongswan.org</a>]
uses pre-shared key authentication<br>
net-net: child: <a moz-do-not-send="true"
href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> ===
<a moz-do-not-send="true" href="http://10.1.0.0/16"
target="_blank">10.1.0.0/16</a> TUNNEL<br>
Routed Connections:<br>
net-net{1}: ROUTED, TUNNEL<br>
net-net{1}: <a moz-do-not-send="true"
href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> ===
<a moz-do-not-send="true" href="http://10.1.0.0/16"
target="_blank">10.1.0.0/16</a><br>
Security Associations (1 up, 0 connecting):<br>
net-net[1]: ESTABLISHED 19 minutes ago, 192.168.0.2[<a
moz-do-not-send="true" href="http://sun.strongswan.org"
target="_blank">sun.strongswan.org</a>]...192.168.0.1[<a
moz-do-not-send="true" href="http://moon.strongswan.org"
target="_blank">moon.strongswan.org</a>]<br>
net-net[1]: IKEv1 SPIs: 7233e70c634fa8aa_i
eb8634d7b0b00874_r*, pre-shared key reauthentication in 37
minutes<br>
net-net[1]: IKE proposal:
AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048<br>
net-net{1}: REKEYING, TUNNEL, expires in 5 minutes<br>
net-net{1}: <a moz-do-not-send="true"
href="http://10.2.0.0/16" target="_blank">10.2.0.0/16</a>
=== <a moz-do-not-send="true" href="http://10.1.0.0/16"
target="_blank">10.1.0.0/16</a><br>
net-net{1}: INSTALLED, TUNNEL, ESP SPIs: c043a424_i
cf9ecbf3_o<br>
net-net{1}: AES_CBC_128/HMAC_SHA1_96, 420 bytes_i (5
pkts, 2s ago), 420 bytes_o (5 pkts, 2s ago), rekeying in 15
minutes <----I can see the input/output packets.<br>
net-net{1}: <a moz-do-not-send="true"
href="http://10.2.0.0/16" target="_blank">10.2.0.0/16</a>
=== <a moz-do-not-send="true" href="http://10.1.0.0/16"
target="_blank">10.1.0.0/16</a><br>
<br>
But when I run "ping 10.2.0.10" on Moon, I run "ipsec
statusall" on Sun.<br>
<br>
On Moon:<br>
<br>
root@strongswan1:~# ping 10.2.0.10<span class=""><br>
PING 10.2.0.10 (10.2.0.10) 56(84) bytes of data.<br>
</span>
^C<span class=""><br>
--- 10.2.0.10 ping statistics ---<br>
</span>
13 packets transmitted, 0 received, 100% packet loss, time
12095ms<br>
<br>
On Sun:<br>
<br>
root@strongswan2:~# ipsec statusall<br>
Status of IKE charon daemon (strongSwan 5.1.2, Linux
3.19.0-15-generic, x86_64):<br>
uptime: 24 minutes, since May 05 10:36:18 2015<br>
malloc: sbrk 1486848, mmap 0, used 353968, free 1132880<br>
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue:
0/0/0/0, scheduled: 2<br>
loaded plugins: charon test-vectors aes rc2 sha1 sha2 md4
md5 random nonce x509 revocation constraints pkcs1 pkcs7
pkcs8 pkcs12 pem openssl xcbc cmac hmac ctr ccm gcm attr
kernel-netlink resolve socket-default stroke updown
eap-identity addrblock<br>
Listening IP addresses:<br>
128.224.162.165<br>
11:2233:4455:6677:20c:29ff:fe70:bf88<br>
192.168.0.2<br>
11:2233:4455:6677:20c:29ff:fe70:bf92<br>
10.2.0.1<br>
11:2233:4455:6677:20c:29ff:fe70:bf9c<br>
Connections:<br>
net-net: 192.168.0.2...192.168.0.1 IKEv1<br>
net-net: local: [<a moz-do-not-send="true"
href="http://sun.strongswan.org" target="_blank">sun.strongswan.org</a>]
uses pre-shared key authentication<br>
net-net: remote: [<a moz-do-not-send="true"
href="http://moon.strongswan.org" target="_blank">moon.strongswan.org</a>]
uses pre-shared key authentication<br>
net-net: child: <a moz-do-not-send="true"
href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> ===
<a moz-do-not-send="true" href="http://10.1.0.0/16"
target="_blank">10.1.0.0/16</a> TUNNEL<br>
Routed Connections:<br>
net-net{1}: ROUTED, TUNNEL<br>
net-net{1}: <a moz-do-not-send="true"
href="http://0.0.0.0/0" target="_blank">0.0.0.0/0</a> ===
<a moz-do-not-send="true" href="http://10.1.0.0/16"
target="_blank">10.1.0.0/16</a><br>
Security Associations (1 up, 0 connecting):<br>
net-net[1]: ESTABLISHED 24 minutes ago, 192.168.0.2[<a
moz-do-not-send="true" href="http://sun.strongswan.org"
target="_blank">sun.strongswan.org</a>]...192.168.0.1[<a
moz-do-not-send="true" href="http://moon.strongswan.org"
target="_blank">moon.strongswan.org</a>]<br>
net-net[1]: IKEv1 SPIs: 7233e70c634fa8aa_i
eb8634d7b0b00874_r*, pre-shared key reauthentication in 32
minutes<br>
net-net[1]: IKE proposal:
AES_CBC_128/HMAC_SHA1_96/PRF_HMAC_SHA1/MODP_2048<br>
net-net{1}: REKEYING, TUNNEL, expires in 33 seconds<br>
net-net{1}: <a moz-do-not-send="true"
href="http://10.2.0.0/16" target="_blank">10.2.0.0/16</a>
=== <a moz-do-not-send="true" href="http://10.1.0.0/16"
target="_blank">10.1.0.0/16</a><br>
net-net{1}: INSTALLED, TUNNEL, ESP SPIs: c043a424_i
cf9ecbf3_o<br>
net-net{1}: AES_CBC_128/HMAC_SHA1_96, 1512 bytes_i (18
pkts, 1s ago), 672 bytes_o (8 pkts, 284s ago), rekeying in
10 minutes <----I only find input packages.<br>
net-net{1}: <a moz-do-not-send="true"
href="http://10.2.0.0/16" target="_blank">10.2.0.0/16</a>
=== <a moz-do-not-send="true" href="http://10.1.0.0/16"
target="_blank">10.1.0.0/16</a><br>
<br>
<br>
In a word, when I run "ping 10.2.0.1", I run "ipsec
statusall", I can see input/output packages.<br>
<br>
When I run "ping 10.2.0.10", I run "ipsec statusall", I can
only see input packages.<br>
I run "tcpdump -ni eth2 icmp", I can find the icmp reply
packages.<br>
That is, the icmp reply packages do not pass vpn tunnel.<br>
<br>
I do not know why.<br>
<br>
Best Regards!<br>
<br>
Zhu Yanjun
<div class="HOEnZb">
<div class="h5"><br>
<br>
On 05/04/2015 06:39 PM, Noel Kuntze wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
-----BEGIN PGP SIGNED MESSAGE-----<br>
Hash: SHA256<br>
<br>
Hello Zhuyj,<br>
<br>
Please check that you enabled forwarding for the
network devices<br>
that are involved in the forwarding of the packages.<br>
Also, please check the counters in the output of ipsec
statusall to see,<br>
if the packets get decrypted. The counters should
increment, when you send<br>
packets to the remote subnet.<br>
<br>
Mit freundlichen Grüßen/Regards,<br>
Noel Kuntze<br>
<br>
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F
63EC 6658<br>
<br>
Am 04.05.2015 um 12:34 schrieb zhuyj:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
Hi, Noel<br>
<br>
Thanks for your reply.<br>
I read carefully this link: <a
moz-do-not-send="true"
href="https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling"
target="_blank">https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling</a><br>
<br>
In this link, I think, the most important is:
ip_forward and iptables.<br>
Now I show you the configurations on the sun:<br>
<br>
root@strongswan2:~# cat
/proc/sys/net/ipv4/ip_forward<br>
1<br>
root@strongswan2:~# iptables-save<br>
# Generated by iptables-save v1.4.21 on Mon May 4
18:29:28 2015<br>
*nat<br>
:PREROUTING ACCEPT [93:14126]<br>
:INPUT ACCEPT [36:4578]<br>
:OUTPUT ACCEPT [0:0]<br>
:POSTROUTING ACCEPT [1:84]<br>
-A POSTROUTING -s <a moz-do-not-send="true"
href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a>
-o eth1 -m policy --dir out --pol ipsec -j ACCEPT<br>
-A POSTROUTING -s <a moz-do-not-send="true"
href="http://10.0.0.0/8" target="_blank">10.0.0.0/8</a>
-o eth1 -j MASQUERADE<br>
COMMIT<br>
# Completed on Mon May 4 18:29:28 2015<br>
# Generated by iptables-save v1.4.21 on Mon May 4
18:29:28 2015<br>
*filter<br>
:INPUT ACCEPT [2033:256543]<br>
:FORWARD ACCEPT [0:0]<br>
:OUTPUT ACCEPT [182:23858]<br>
-A FORWARD -s <a moz-do-not-send="true"
href="http://10.1.0.0/16" target="_blank">10.1.0.0/16</a>
-d <a moz-do-not-send="true"
href="http://10.2.0.0/16" target="_blank">10.2.0.0/16</a>
-i eth1 -m policy --dir in --pol ipsec --reqid 1
--proto esp -j ACCEPT<br>
-A FORWARD -s <a moz-do-not-send="true"
href="http://10.2.0.0/16" target="_blank">10.2.0.0/16</a>
-d <a moz-do-not-send="true"
href="http://10.1.0.0/16" target="_blank">10.1.0.0/16</a>
-o eth1 -m policy --dir out --pol ipsec --reqid 1
--proto esp -j ACCEPT<br>
COMMIT<br>
# Completed on Mon May 4 18:29:28 2015<br>
<br>
I think, ip forward feature is enabled in sun. And
the iptables rules are inserted.<br>
But the result is the same.<br>
<br>
Any reply is appreciated.<br>
<br>
Thanks a lot.<br>
Zhu Yanjun<br>
<br>
On 05/04/2015 06:01 PM, Noel Kuntze wrote:<br>
Hello,<br>
<br>
Did you follow the guide for forwarding[1]?<br>
<br>
[1] <a moz-do-not-send="true"
href="https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling"
target="_blank">https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling</a><br>
<br>
Mit freundlichen Grüßen/Regards,<br>
Noel Kuntze<br>
<br>
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F
63EC 6658<br>
<br>
Am 04.05.2015 um 11:25 schrieb zhuyj:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<blockquote class="gmail_quote" style="margin:0 0
0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
<blockquote class="gmail_quote" style="margin:0
0 0 .8ex;border-left:1px #ccc
solid;padding-left:1ex">
Hi,<br>
<br>
Are you using psk or certificate to auth?<br>
<br>
Best Regards!<br>
Zhu Yanjun<br>
On 05/04/2015 05:18 PM, zhuyj wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
Hi, Bernhard<br>
<br>
Your problem is the same with mine.<br>
<br>
Best Regards!<br>
Zhu Yanjun<br>
<br>
On 05/04/2015 05:00 PM, Bernhard Marx wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
Hi Zhu,<br>
<br>
no problem. I wish I would have :-)<br>
But moon and sun is connected via public
networks?<br>
This is my scenario:<br>
<br>
<a moz-do-not-send="true"
href="http://192.168.2.0/24"
target="_blank">192.168.2.0/24</a> <<a
moz-do-not-send="true"
href="http://192.168.2.0/24"
target="_blank">http://192.168.2.0/24</a>>
<=> 192.168.2.1 hardware router
xx.xx.xx.xx (public IP from provider)
<=> Internet <=> public IP on
eth0 192.168.120.125 <=> <a
moz-do-not-send="true"
href="http://192.168.120.0/24"
target="_blank">192.168.120.0/24</a>
<<a moz-do-not-send="true"
href="http://192.168.120.0/24"
target="_blank">http://192.168.120.0/24</a>>
on eth1<br>
<br>
I can ping from 192.168.120.125 to
192.168.2.1 and vice versa - but I can not
reach any devices in the subnet...<br>
<br>
Regards<br>
Bernhard<br>
<br>
<br>
2015-05-04 10:51 GMT+02:00 zhuyj <<a
moz-do-not-send="true"
href="mailto:mounter625@163.com"
target="_blank">mounter625@163.com</a>
<mailto:<a moz-do-not-send="true"
href="mailto:mounter625@163.com"
target="_blank">mounter625@163.com</a>>>:<br>
<br>
Sorry. I thought your solve this
problem already.<br>
Do you think that it is related with
psk or pubkey? I mean that strongswan can
support auth-based certificate very well.<br>
Maybe there is something wrong with
psk auth?<br>
<br>
Zhu Yanjun<br>
<br>
<br>
On 05/04/2015 04:45 PM, zhuyj wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
Hi, Marx<br>
<br>
Please let me know how to solve
this problem.<br>
<br>
Thanks a lot.<br>
Zhu Yanjun<br>
<br>
On 05/04/2015 04:22 PM, Bernhard
Marx wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0
.8ex;border-left:1px #ccc
solid;padding-left:1ex">
Dear Zhu,<br>
<br>
I think I have the issue... as
send a request to mail list
yesterday...<br>
<br>
Feedback I received is to check
the routing of packets... but I cant
identify the issue...<br>
<br>
Regards<br>
Bernhard<br>
<br>
2015-05-04 10:17 GMT+02:00 zhuyj
<<a moz-do-not-send="true"
href="mailto:mounter625@163.com"
target="_blank">mounter625@163.com</a>
<mailto:<a moz-do-not-send="true"
href="mailto:mounter625@163.com"
target="_blank">mounter625@163.com</a>>>:<br>
<br>
Hi, all<br>
<br>
I followed this link: <a
moz-do-not-send="true"
href="http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/"
target="_blank">http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/</a><br>
<br>
I configured 4 vmare hosts.
The hosts are ubuntu14.04.<br>
<br>
The network topology is as
below.<br>
<br>
10.1.0.10
<---->10.1.0.1 (moon)
192.168.0.1<----->192.168.0.2
(sun) 10.2.0.1<---->10.2.0.10<br>
<br>
strongswan is 5.1.2.<br>
<br>
>From this link: <a
moz-do-not-send="true"
href="http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/"
target="_blank">http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/</a>,
after a vpn tunnel is created,<br>
I ran "ping 10.2.0.10" on
clinet 10.1.0.10. But I can not get
any reply from 10.2.0.10.<br>
<br>
I can find the icmp packets
into moon. But moon will not forward
these icmp packets.<br>
<br>
I exactly followed this link
<a moz-do-not-send="true"
href="http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/"
target="_blank">http://www.strongswan.org/uml/testresults/ikev2/net2net-psk/</a>,
but I can not get<br>
the same test result with
this link.<br>
<br>
Does any one have the
similar experience?<br>
<br>
Any reply is appreciated.<br>
<br>
Thanks a lot.<br>
Zhu Yanjun<br>
<br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a>
<mailto:<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a>><br>
<a moz-do-not-send="true"
href="https://lists.strongswan.org/mailman/listinfo/users"
target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
<br>
<br>
<br>
<br>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a>
<mailto:<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a>><br>
<a moz-do-not-send="true"
href="https://lists.strongswan.org/mailman/listinfo/users"
target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
</blockquote>
<br>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a>
<mailto:<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a>><br>
<a moz-do-not-send="true"
href="https://lists.strongswan.org/mailman/listinfo/users"
target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
</blockquote>
</blockquote>
<br>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a><br>
<a moz-do-not-send="true"
href="https://lists.strongswan.org/mailman/listinfo/users"
target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
</blockquote>
<br>
_______________________________________________<br>
Users mailing list<br>
<a moz-do-not-send="true"
href="mailto:Users@lists.strongswan.org"
target="_blank">Users@lists.strongswan.org</a><br>
<a moz-do-not-send="true"
href="https://lists.strongswan.org/mailman/listinfo/users"
target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br>
<br>
</blockquote>
</blockquote>
</blockquote>
<br>
</blockquote>
-----BEGIN PGP SIGNATURE-----<br>
Version: GnuPG v2<br>
<br>
iQIcBAEBCAAGBQJVR0x7AAoJEDg5KY9j7GZYdoEQAI7bJaY+Iy5volndjpsV4xol<br>
3Sv2TPyVa/Fvo4BWYlFWtpLvAsyUkRDCOGycRV2iD3LVd6Y+WC8QeN2KXvcC6nvK<br>
y0mS3bhxgonrMVDuJ/Qmrk3qmNIx5TkvqAjuxSxeKoKhoL9zigbUhCX4xRoLg+fq<br>
83vPQ5tMw03+hWshfKd+f8VPbSy9P3YNQ+9fy4f69bFRKcHDwj/L2k45L7s5gRMG<br>
shFL/VvIEWlZqzBRHbWGw3t7GUUDtsUjpy7M/1KJ5XelS97i7PBeU+JTQWpW64W5<br>
HoVolQgqc9BarsG4pUTx+v5Q31YexUawEfNngzcp3WoDvYvhPe+8Dqq0rEsZYZV5<br>
4cIBBEyKkCJ8caR5bdV+etvy80pDj/bnfM5RXNSGERB9pwTPF+WvsAHm6LpS1iiF<br>
ATwqIcEwcsvwR50+twhRmH+yoV2bcNCqsOxrKLqp2H4nab1/q0+R0j1uMoCW6IHv<br>
6v5ZAVanPLCgI0a+re61hndrCPVoXiPYMg3abLKZVFXmqcDgoL42Qc7F1XL+0csR<br>
WsO3CGIe45g7PG9DZ3gjhs0PP2grIVy3LzsHUi6ONuB5Jhy7FTMkClaH36WPVD4+<br>
zOi7lKPWiNWg+OqXzf7Fkb3FJCz3vjOBG1ieRrSsO05JBmqsReFmWR6F3J44gd17<br>
F1t5/uhaSEb4435vTos7<br>
=URb/<br>
-----END PGP SIGNATURE-----<br>
<br>
</blockquote>
<br>
<br>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>