[strongSwan] not all subnets get a tunnel
Averlon GmbH (in Gründung)
info at averlon.net
Fri Sep 18 07:15:52 CEST 2015
Dear Mr. Kuntze,
it works exactly with the same configuration on the other system. No problem.
That's why I expected it to work here too.
I have tried IKE (without version) in the settings. This did also not work.
I will change as you proposed and report the result.
Thanks for help.
Regards
Karl-Heinz Fischbach
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Am 17.09.2015 um 19:29 schrieb Averlon GmbH (in Gründung):
> rightsubnet=192.168.110.0/24,192.168.109.0/24
Why do you expect this to work?
With IKEv1, you can only tunnel traffic between parts of subnets, not arbitrary groups.
For the latter, you need to use IKEv2.
To alleviate the problem, you need to configure a second configuration for the same peer, but with the other subnet pair.
- --
Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze
GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJV+w0EAAoJEDg5KY9j7GZYPIAP/14jw0RWF10T4jDW1o0ONUso
doihuW8ZBJvb0ql9toUGOeDsyc2mn+HAa2yJxfAww/vXIVX9VlVxwjb1vZtBLQxW
+/SaQSjPuu8s9BPH5cZ+8J9FtJVqs4xO3KueUoiwBILDscOyYVHR4YOTI8snhyvA
+DDgc11V3GEqcT09b1Aj2+PQ7XtqOWnOc02O2MBFcytbUwP+J50UqsAn6P2RsGY8
rgCWSDGp7nMdmuKS2TEPJQER//6CWF567A+fLWo4mpJapy4nTI3E0wTmVTa9XRzx
MEx2j1SFM8+QK0kOcqKlEoQHH6u4VXonyzJMk2uUaSsMBU6cArOJTKT8LxEZ9LVW
QKIiIM0a21nZ6m02rpL/XJjlIXFn37oqf1P6zuOZZvpvrsIbmnviRVQfAYfp6aIA
8U2cgjry85zMC0PbNI/ZisxHPUBy61X8R1xLJUSk4D4tpCoa2pddzwvyi6gcUUPC
LGLXObKwC+KObTUO1K6KLqDzYvePoEmU6rLrF8vbaYn2G5gryz2X2cggwESwcJbQ
VKpnQcOgI9dOHcJ13HNn5g5oNsxnWSsBHrqCjERiQqvwTg6DdVIPH4SvH4DC9Wba
TqRg+clGa4iKZDEJSZGEe1eZdk3wd+mwcxedq4BXRh5Qtugy7P+OpZKj0azdEkz5
jVeI1/pElOAmm8196yBw
=mtvs
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6184 bytes
Desc: not available
URL: <http://lists.strongswan.org/pipermail/users/attachments/20150918/abf18cc8/attachment.bin>
More information about the Users
mailing list