[strongSwan] How to make the gw Moon to deliver the P-CSCF address to the road warrior Carol in the IKEv2 CFG payload in strongswan-5.0.0?
zmao at qualcomm.com
Thu Aug 9 02:17:02 CEST 2012
The DNS/DHCP CPs are working now. Thank you for the info!
I am also looking for a way for the gw Moon to return the P-CSCF address to the road warrior Carol in the IKEv2 CFG payload, but the wiki link only contains the examples for internal_address/dns/dhcp.
I did see a line for "Arbitrary attribute using configured attribute type as assigned by IANA", so I followed the "assigned by IANA" link, but I was still not able to find the specific CFG payload for P-CSCF under its "IKEv2 Configuration Payload Attribute Types" section on that web page.
I guess that the P-CSCF is probably an extended or vendor-specific attribute and I believe it should have the same format as the internal_address/dns/dhcp, should it exist, but I could not figure out how to use Strongswan 5.0.0 to deliver it. Could you please show me some examples? Thanks a lot!
From: Andreas Steffen [mailto:andreas.steffen at strongswan.org]
Sent: Monday, August 06, 2012 12:28 AM
To: Mao, Zhiheng
Cc: users at lists.strongswan.org
Subject: Re: [strongSwan] How to get the road warrior's virtual address, DNS server address, and DHCP server address together in strongswan-5.0.0?
the DNS and DHCP parameters are configured in strongswan.conf.
Refer to the following link for details:
On 05.08.2012 19:16, Mao, Zhiheng wrote:
> Hi there,
> I am looking for a way for the gateway Moon to reply to the road warrior Carol during the remote access setup with its virtual IP address, DNS server address, and DHCP server address together. These addresses are all statically assigned by the gateway. I have got the virtual IP address part working, and now I need to expand to include the DNS and DHCP addresses, so I am wondering:
> --1: How can I setup the ipsec.conf for both Moon and Carol to do all three addresses at once?
> --2: Any other configuration files I need to modify?
> --3: How do I verify that Carol has got the DNS server address? Carol is running on a Red Hat 5 Linux machine. Should I check the /etc/resolv.conf to see if the new DNS address has been added there?
> --4: How do I verify that Carol has got the DHCP server address? Carol is running on a Red Hat 5 Linux machine. Where does Carol save the new DHCP address?
> --5: Questions 1-4 above are all related to IPv4. What are the corresponding steps for IPv6?
> Thanks a lot!
Andreas Steffen andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
More information about the Users