[strongSwan] Fwd: Question on rightsubnet
Guy Maman
mamang at porticor.com
Sun Jan 4 16:13:12 CET 2015
Anybody?
-------- Forwarded Message --------
Subject: Question on rightsubnet
Date: Mon, 29 Dec 2014 15:08:49 +0200
From: Guy Maman <mamang at porticor.com>
To: users at lists.strongswan.org
Hi all,
What is the different between rightsubnet=%dynamic to omit the rightsubnet?
I have the same strongswan version on both client and server:
Linux strongSwan U5.1.2/K3.13.0-40-generic
I read that it's supposed to be the same behaviour:
/Instead of specifying a subnet, /%dynamic/ can be used to replace it
with the IKE address, having the same effect
as omitting /left|rightsubnet/ completely/
But for some reason when I omit the "rightsubnet" from the client, child
is created and connection is created.
When rightsubnet=%dynamic it's not working with the error:
/15[IKE] received INTERNAL_ADDRESS_FAILURE notify, no CHILD_SA built//
//15[IKE] failed to establish CHILD_SA, keeping IKE_SA/
Thanks
Guy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150104/ee8d72db/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3748 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150104/ee8d72db/attachment.bin>
More information about the Users
mailing list