[strongSwan] Problem connecting to a Cisco Unity gateway

Bas van Dijk v.dijk.bas at gmail.com
Wed Feb 18 16:39:49 CET 2015


On 16 February 2015 at 17:19, Tobias Brunner <tobias at strongswan.org> wrote:
> As Noel pointed out it could mean the responder doesn't like the
> proposed algorithms.  But the responder could also return this error
> because it doesn't like the proposed traffic selectors (i.e. the subnets
> in `left|rightsubnet`) or the mode (type=tunnel|transport).

Hi Tobias, thanks for your very informative and helpful reply. You
were spot-on with the incomplete traffic selectors. It turned out the
server is configured to only accept traffic from the 172.16.48.16/28
subnet. So after setting:

  leftsubnet = 172.16.48.16/28

I can successfully establish the VPN with the server.

So am I right that the only thing left to do is configure my system so
that packets to hosts on the 10.180.0.0/24 subnet appear to come from
a host on the 172.16.48.16/28 subnet?

To accomplish this I already added the additional IP address
172.16.48.16 to my NIC (besides the DHCP-configured 192.168.42.162).

What's the next step? Do I need to add a route or some iptables rule?

Cheers,

Bas
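
The following is an added example, not part of the original message or of strongSwan's code. It is a simplified model of the traffic-selector check discussed above, using the subnets from this thread. The function names, the containment rule (a real gateway may require an exact match) and the sample packets are assumptions constructed for illustration.

```python
import ipaddress

# Responder policy as described in the message. Assumption: a proposal is
# accepted when each proposed subnet lies inside the allowed one.
RESPONDER_ACCEPTS = {
    "initiator_side": ipaddress.ip_network("172.16.48.16/28"),
    "responder_side": ipaddress.ip_network("10.180.0.0/24"),
}


def proposal_acceptable(leftsubnet, rightsubnet, policy=RESPONDER_ACCEPTS):
    """Return True if the proposed selectors fit the responder's policy."""
    left = ipaddress.ip_network(leftsubnet)
    right = ipaddress.ip_network(rightsubnet)
    return (left.subnet_of(policy["initiator_side"])
            and right.subnet_of(policy["responder_side"]))


def packet_matches(src, dst, leftsubnet, rightsubnet):
    """Return True if a packet falls under the negotiated selectors."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(leftsubnet)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rightsubnet))


def audit(packets, leftsubnet, rightsubnet):
    """Label each (src, dst) pair as covered or not by the selectors."""
    return [(src, dst, packet_matches(src, dst, leftsubnet, rightsubnet))
            for src, dst in packets]


if __name__ == "__main__":
    # Proposing the DHCP address as the local selector is rejected;
    # the /28 from the message is accepted.
    for left in ("192.168.42.162/32", "172.16.48.16/28"):
        print(left, "->", proposal_acceptable(left, "10.180.0.0/24"))

    # Constructed sample packets: only traffic sourced from the /28 and
    # destined for 10.180.0.0/24 is covered by the negotiated selectors.
    sample = [
        ("192.168.42.162", "10.180.0.5"),  # DHCP source address
        ("172.16.48.16", "10.180.0.5"),    # additional address on the NIC
        ("172.16.48.16", "192.0.2.1"),     # destination outside the remote subnet
    ]
    for src, dst, covered in audit(sample, "172.16.48.16/28", "10.180.0.0/24"):
        print(src, "->", dst, "covered" if covered else "not covered")
```
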

