[strongSwan-dev] Why client needs leftsubnet

Giulio Ambrogi giulio.ambrogi at gmail.com
Sun Jun 21 16:09:06 CEST 2015


Dear devs,

here it is my issue:

Scenario : remote access with certificates, on the client side
Example : (
http://www.strongswan.org/uml/testresults/ikev2/rw-cert/carol.ipsec.conf)

If I were Carol , why should I need to set the *rightsubnet*?
I tried to replicate it whith 2 vms but if i delete this field from Carol's
ipsec.conf file, the SA negotiation fails.
Is there any way to omit this field in this kind of configuration?
And what about the same question for rightid?

Thanks,

Giulio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20150621/879409e4/attachment.html>


More information about the Dev mailing list