[strongSwan] virtual IP request with IPv6 in IPv4 use case

Andreas Steffen andreas.steffen at strongswan.org
Wed Jun 20 09:40:12 CEST 2012

Hi Stephen,

I set up an IPv6-in-IPv4 test case with virtual IPv6 addresses
and this scenario does not work indeed:


On the gateway side we get

Jun 20 08:06:50 moon charon:
  01[ENC] parsed IKE_AUTH request 1 [ IDi CERT .. CP(ADDR) .. ]
  01[IKE] peer requested virtual IP %any
  01[CFG] assigning new lease to 'carol at strongswan.org'
  01[IKE] assigning virtual IP fec3::1 to peer 'carol at strongswan.org'
  01[IKE] traffic selectors fec1::/16 ===  inacceptable



On 06/19/2012 08:48 PM, Pisano, Stephen G (Stephen) wrote:
> Hi:
> How can I control the virtual IP version (i.e., v4 vs. v6) requested
> when using ‘leftsourceip=%config’?
> I am assuming that the code looks at the IP version of the outer tunnel
> address and requests the same version type (just my guess), but the
> specific use case of interest is IPv6 traffic within an IPv4 tunnel.
> Is it possible to request a IPv6 address when the tunnel in IPv4?
> Thanks,
> Stephen

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list