[strongSwan] Strongswan to Sonicwall 5500, INVALID_SYNTAX error establishing CHILD_SA
Harvinder Rupra
harvinder.rupra at appliedconsultants.co.uk
Tue Apr 15 10:23:42 CEST 2014
Hi Tobias,
Removing leftsourceip=10.0.33.17 from the configuration helped.
I already had 10.0.33.17 configured on the local interface, so it all works fine now.
Thanks for your help.
Harvinder
----- Original Message -----
From: Tobias Brunner <tobias at strongswan.org>
To: Harvinder Rupra <harvinder.rupra at appliedconsultants.co.uk>, users at lists.strongswan.org
Sent: Mon, 14 Apr 2014 17:03:52 +0100 (BST)
Subject: Re: [strongSwan] Strongswan to Sonicwall 5500, INVALID_SYNTAX error establishing CHILD_SA
Hi Harvinder,
> leftsourceip=10.0.33.17
This is probably not what you want (or what the Sonicwall expects). If
you configure an IP like that charon will send it in a configuration
payload to the gateway to request it as virtual IP [1]. If you simply
want to use that IP inside the tunnel, just install it manually on one
of the interfaces (even lo).
Regards,
Tobias
[1] http://wiki.strongswan.org/projects/strongswan/wiki/VirtualIp
More information about the Users
mailing list