[strongSwan] Road-Warrior Setup with different PSKs
Andreas Steffen
andreas.steffen at strongswan.org
Tue Nov 22 11:04:39 CET 2011
Hello Klaus,
if the roadwarriors have dynamic IP addresses then IKEv1 Main Mode
supports only one shared PSK. With IKEv2 each roadwarrior can have
a PSK of her own".
Regards
Andreas
On 11/22/2011 10:41 AM, Klaus Darilion wrote:
> Hi!
>
> I wonder if it's possible to have the road-warrior setup with different
> PSKs for different users? E.g. if strongswan fails to decode a packet
> with the PSK it should find for another PSK with matching IP addresses?
>
> I tried:
>
> 22.19.53.13 %any : PSK "pass1"
> 22.19.53.13 %any : PSK "pass2"
> 22.19.53.13 %any : PSK "pass3"
>
> I seems that stronSwan only uses the first match when decoding the packet.
>
> Is there any workaround to use different PSKs for the road warriors?
>
>
> Thanks
> Klaus
======================================================================
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
More information about the Users
mailing list