[strongSwan] Trouble mixing ipv4 and ipv6 configuration within a single connection
Robert Dyck
rob.dyck at telus.net
Tue Dec 16 20:36:52 CET 2014
I shall try out your suggestions. I perhaps will experiment with a separate
ipv6 conn definition and try merging it with ipv4 when the ipv6 definition is
working to my satisfaction.
Thanks, Rob
On December 16, 2014 09:46:58 AM Martin Willi wrote:
> Rob,
>
> > If I specify my ipv6 prefix here the server does indeed assign an
> > address to the RW. Unfortunately the address it assigns (my-prefix::1)
> > is already in use.
>
> Usually you define a pool that is a subset of your prefix, and does not
> start at the beginning of it. This should allow you to assign addresses
> that are not in use, even for IPv6.
>
> > If I explicitly request my-prefix::2 the server overrides it with
> > my-prefix::1 anyway. Is there a way to achieve my objective without
> > creating an external pool?
>
> If you serve one client only, you can even define a pool with just a
> single address on your server. But you should have some uniqueness
> checking in place (uniqueids option) to make sure the address is not in
> use by a dangling tunnel.
>
> There are also other, more powerful backends, such as attr-sql, but that
> is probably not worth the effort on your setup.
>
> Regards
> Martin
More information about the Users
mailing list