[strongSwan] Is there any way to specify/configure different initiator_tsr for each initiator?
Martin Willi
martin at strongswan.org
Wed May 20 09:21:57 CEST 2015
Hi,
> all CHILD SAs will have the same traffic selector (i.e., 40.0.0.1/8)
> on responder side, as proposed by initiator. Is there any way to
> specify/configure different initiator_tsr for each initiator?
Currently all initiators use the same subnet as defined with
initiator_tsr. So no, there is currently no way to define individual
subnets for each client.
There is, however, a %unique port option you can use, such as
initiator_tsr=40.0.0.1/8[udp/%unique]. This selects a single port for
each initiator TSr, starting at 1025. This at least results in unique
policies on your gateway under test, but not sure what you intend to
test.
If that is not sufficient, have a look at the add_ts() function from
load_tester_config.c. It shouldn't be too hard to use a distinct subnet
for each initiator, similar to what we do with these %unique ports.
Regards
Martin
More information about the Users
mailing list