[strongSwan-dev] Dynamic Multipoint VPN (opennhrp) with strongswan
Martin Willi
martin at strongswan.org
Mon Aug 18 11:25:38 CEST 2014
> Either different named event, or some attribute to pass
> during event registration?
vici event registration currently does not have any option arguments, so
having different events is certainly much simpler.
Introducing event options is possible, but non-trivial: We'd need event
specific option parsing, and then keep and manage client specific state
on the event source.
> 1) virtual IP request via IP[46]_ADDRESS, which I would like to handle
> (assigning from pool is ok, but I need to run code for each assigned IP)
Probably that code can be invoked from the raised SA up/down events?
> 2) exchange of routes via IP[46]_SUBNET - both as CFG_REQ and
> additional CFG_SET exchange
We currently don't support any custom/additional Mode Config or
Configuration Attribute exchange; at least for IKEv2, CFG_REQUEST
messages MUST have a INTERNAL_ADDRESS4/6 attribute.
So this certainly requires some core changes, probably not that trivial.
Regards
Martin
More information about the Dev
mailing list