[strongSwan] Fwd: Multiple right subnets with ikev1

Sean Blanton sean at radix.trade
Thu Nov 19 21:17:24 CET 2015 

Yes, you have to split the connections. I wish I knew this two weeks ago.
Here is what I did:

conn europe
   keyexchange=ikev1
   ...
   left=..
   leftsubnet=...
   right=...
   rightid=...
   ...

For the two right subnets, I literally only have the following:

conn london
   also=europe
   rightsubnet=...1
   auto=start

conn frankfurt
   also=europe
   rightsubnet=...2
   auto=start


On Thu, Nov 19, 2015 at 1:22 PM, Andreas Steffen <
andreas.steffen at strongswan.org> wrote:

> Hi Jayapal,
>
> according to the IKE standards, multiple comma separated subnets work
> for IKEv2 only. With IKEv1 you have to define multiple connections
> resulting in multiple QUICK_MODEs.
>
> Regards
>
> Andreas
>
> On 19.11.2015 11:31, Jayapal Reddy wrote:
>
>>
>> Hi,
>>
>> For site to site vpn configuration comma separated multiple subnets for
>> rightsubnet, Is it working ?
>> Ex: rightsubnet=192.168.1.0/24,192.168.2.0/24
>> <http://192.168.1.0/24,192.168.2.0/24>
>>
>> In documentation found that it is only supported for ikev2, for ikev1
>> only first  subnet in comma separted is considered. In my setup it seems
>> only the first one is working.
>>
>> In some of the internet posts found that it is working for ikev1 also.
>> Is this true ?
>>
>> Thanks,
>> Jayapal
>>
>>
>>
>>
>> _______________________________________________
>> Users mailing list
>> Users at lists.strongswan.org
>> https://lists.strongswan.org/mailman/listinfo/users
>>
>>
> --
> ======================================================================
> Andreas Steffen                         andreas.steffen at strongswan.org
> strongSwan - the Open Source VPN Solution!          www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==
>
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>



-- 
Sean Blanton, Ph.D.
Quantitative Technologist
Radix Trading, LLC
Desk: 773.985.0456
Cell:   773.960.3495
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151119/b8c00847/attachment.html>

More information about the Users mailing list