<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<style type="text/css" style="display:none;"> P {margin-top:0;margin-bottom:0;} </style>
</head>
<body dir="ltr">
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
Hello,</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="color: rgb(0, 0, 0); font-family: Calibri, Helvetica, sans-serif; font-size: 12pt;"><br>
</span></div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span style="color: rgb(0, 0, 0); font-family: Calibri, Helvetica, sans-serif; font-size: 12pt;">I have a strongSwan server running with the ipsec.conf pasted below. </span><br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
The clients are using Windows 10 and macOS and they must be able to choose connection. I am trying to separate the connections using "leftid" with different subdomains for each connection (e.g. vpn1.example.org, vpn2.example.org).</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
My solution below works in macOS by matching "Remote ID" with the appropriate "leftid", however I can't get it to work in Windows 10. </div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
I am very grateful to any help or ideas of how I can solve this. </div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
ipsec.conf</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
--------------</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<span>conn %default<br>
</span>
<div> auto=add<br>
</div>
<div> dpdaction=clear<br>
</div>
<div> dpddelay=180s<br>
</div>
<div> eap_identity=%any<br>
</div>
<div> esp=aes256-sha256,aes256-sha1,3des-sha1!<br>
</div>
<div> forceencaps=yes<br>
</div>
<div> ike=aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024!<br>
</div>
<div> keyexchange=ikev2<br>
</div>
<div> leftcert=cert.pem<br>
</div>
<div> leftsendcert=always<br>
</div>
<div> rightauth=eap-mschapv2<br>
</div>
<span> rightsendcert=never</span><br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<br>
</div>
<div style="font-family: Calibri, Helvetica, sans-serif; font-size: 12pt; color: rgb(0, 0, 0);">
<div>conn conn1<br>
</div>
<div> left=%any<br>
</div>
<div> leftid=@vpn1.example.org<br>
</div>
<div> leftsubnet=0.0.0.0/0<br>
</div>
<div> right=%any<br>
</div>
<div> rightid=%any<br>
</div>
<div> rightdns=8.8.8.8,8.8.4.4<br>
</div>
<div> rightsourceip=10.10.10.1/24<br>
</div>
<div><br>
</div>
<div>conn conn2</div>
<div> left=%any<br>
</div>
<div> leftid=@vpn2.khalili.xyz<br>
</div>
<div> leftsubnet=0.0.0.0/0<br>
</div>
<div> right=%any<br>
</div>
<div> rightid=%any<br>
</div>
<div> rightdns=8.8.8.8,8.8.4.4<br>
</div>
<span> rightsourceip=10.10.10.2/24</span></div>
</body>
</html>