[strongSwan] Strongswan 4.5.1 sqlite database passthrough
Martin Willi
martin at strongswan.org
Fri Jun 24 11:00:14 CEST 2011
Hi,
> Each gateway B subnets must reach all of gateway A subnets.
Using IKEv2, you can simplify all-to-all subnets and use just a single
connection:
leftsubnet=10.0.0.0/8,192.168.0.0/16,172.16.0.0.12
rightsubnet=10.21.11.0/24,172.16.0.0/24,10.121.11.0/24
> As you can see, some gateway B subnets address are included in gateway
> A subnets.
Unfortunately, we currently don't support IP ranges. Splitting this
configuration into the correct subnets should be possible, but would
require some dozen subnets.
> It doesn't work better even with high priority.
Please keep in mind that lower priority numbers actually have a higher
priority. Have you tried a low priority number (1)?
Regards
Martin
More information about the Users
mailing list