[strongSwan] Setting left or right to %any won't work
James Lay
jlay at slave-tothe-box.net
Wed Nov 25 23:37:18 CET 2015
On Wed, 2015-11-25 at 22:02 +0800, Zorceta Moshak wrote:
> Hi all,
> I was configuring strongSwan and found this problem: once I set `left`
> or `right` to `%any`, `%defaultroute` or any equavalent values (such as
> 0.0.0.0) in ipsec.conf, this will happen:
> ```
> $ sudo ipsec up iOS
> unable to resolve %any, initiate aborted
> tried to check-in and delete nonexisting IKE_SA
> establishing connection 'iOS' failed
> ```
> whatever other settings are.
> I've googled and looked through mail lists, but no luck.
> So what might be the reason of this?
> strongSwan is of version 5.3.4, compiled and ran on a Ubuntu 15.04
> linode box.
> Thanks.
>
> Best regards,
> Zorceta Moshak
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
This currently works for me:
conn rw
leftsubnet=192.168.1.0/24
leftcert=StrongSwanHostCert.pem
right=%any
rightsourceip=192.168.1.11
auto=add
James
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151125/6d6f8fa4/attachment.html>
More information about the Users
mailing list