[strongSwan] Multiple protected networks
Andreas Steffen
andreas.steffen at strongswan.org
Tue Aug 10 04:09:31 CEST 2010
Hello Stuart,
this is no problem for strongSwan. With IKEv2 you just enumerate
the networks in the remote traffic selector:
rightsubnet=<net1>,<net2>,...,<net11>
so that only a single CHILD_SA must be established. With the old
IKEv1 protocol, 11 connection definitions are needed which result
in one ISAKMP_SA and 11 IPsec_SAs to be negotiated.
Best regards
Andreas
On 08/09/2010 10:36 PM, Stuart Beckett wrote:
> Hello,
>
> Can strongSwan support a connection where the remote (righthand) side
> has multiple networks?
>
> For instance we have an application where we will need to access eleven
> unique subnets on the remote side.
>
> Thanks
>
> Stuart Beckett
>
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list