[strongSwan-dev] Adding support for subnets in transport mode (Feature #196)

Stuart Daniel stuartd at lexmark.com
Tue Jul 21 20:40:05 CEST 2015

Hello Daniel,

On Tue, Jul 21, 2015 at 11:24 AM, Daniel Palomares <
palomaresdaniel at gmail.com> wrote:

> Hello all,
> I'm interested in using Transport Mode for subnets.
> I found the Test Scenario description here:
> https://git.strongswan.org/?p=strongswan.git;a=commit;h=d8a5f15f6a0c7665527e2e788001d63e12790f27
> [ Didn't find it on: https://www.strongswan.org/testresults.html ]
> And the trap manager patch here:
> https://git.strongswan.org/?p=strongswan.git;a=commit;h=7b3b674fae4ecc3ae2a1a07a1701dcf6f72b4bd7
> Do I need anything else to make it work?

Tobias can give the authoritative answer, but the short answer is "no",
that is most of what is needed. You should be aware, however, that the trap
manager patch is not based from master, but from a separate branch
(trap-acquire-tracking) that contains some necessary groundwork.

> Correct me if I'm wrong, this only works with Certificate-based
> authentication (CA) and not Pre-Shared Keys (PSK)?

That's what I have seen with my testing so far.

Good luck, and let me know if you see any issues.


-- Stuart Daniel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150721/dfd3f37f/attachment.html>

More information about the Dev mailing list