[strongSwan] Fwd: [strongSwan-dev] config w/ multiple ios devices on a network...
goodmirek at goodmirek.cz
Fri Apr 24 21:20:02 CEST 2015
This is not good. Possibly, what we solved was just a result, not the root
Before, I overlooked the configuration issue; maybe you will want to enable
uniqueids again once fixed.
there should be:
Logs will be even better if you include directive in "charon-logging.conf":
ike_name = yes
Miroslav Svoboda | +420 608 224 486
On 24 April 2015 at 21:02, Andrew Foss <afoss at actmobile.com> wrote:
> thank you, that did it! Wow, did I log some hours trying different
> combinations, but didn't get that one and you also helped by suggesting I
> turn off enc logging, now my logs are more helpful, before they always
> ended in "dropped rate-limiting" so really weren't telling me much.
> Interestingly, both the connected devices now have the same virtual ip
> 10.254.0.1/32, but both seem to be working fine and the 2 devices never
> need to talk directly to one another, so maybe all the devices can
> use/assign the same ip address for the client's tunnel? Is that a common
> way to run?
> On 4/24/15 11:36 AM, Miroslav Svoboda wrote:
> This is the problem:
> Apr 24 17:21:43 accel charon: 10[IKE] deleting duplicate IKE_SA for peer
> 'actmobile' due to uniqueness policy
> Look for config option "uniqueids" here:
> Miroslav Svoboda | +420 608 224 486
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users