[strongSwan] IPSec between multiple hosts on subnet
Mick Mason
zen33984 at zen.co.uk
Mon Mar 17 14:24:06 CET 2014
Hi,
I’m not a Linux bod so am out of my depth here, and am hoping someone can help.
If I had 4 servers running strongSwan (currently using 5.1.2 on Ubuntu) that were all on the same subnet, is there a way to specify that all communications between them should be secured with IPSec, without having to specify 3 distinct host-to-host connections in the ipsec.conf on every one of the servers, each with hardcoded IPs in, each ipsec.conf different from the others?
What would be ideal (don’t know if such a thing exists) is something like this:
conn test
    type=tunnel
    auto=start
    left=<local IP goes here>
    right=<%any, a subnet range, a CIDR or other non-specific entry etc>
    authby=secret
I could then create a script that changed the left IP for every new host, but could get away with this single configuration.
Is anything like that possible?
Thanks
M