[strongSwan] FQDN usage changed.
Alexis Salinas
asalinas at sierrawireless.com
Wed Sep 23 19:44:11 CEST 2015
Hello,
I recently updated a system from 4.3.5 to 5.3.0 ( I know I have to go to 5.3.2)
One of the things I noticed is a change in the way the new version is using the FQDN value I configured for the 'right' parameter ( no 'rightid' configured)
It used to be that the IP address resulting from the name resolution of the FQDN was used as 'right' and 'rightid'.
On 5.3.0 the IP address resulting from the name resolution of the FQDN is used as 'right' and the FQDN itself is used as 'rightid'.
Is there a reason for this change? Is there a way to make it behave as it used to? I would rather not have to ask the server side to change what is currently using as ID.
Here is the connection output of 'ipsec statusall' for a IKEv2 VPN on 4.3.5:
Connections:
VPN1: 192.168.1.1...200.X.X.X
VPN1: local: [client] uses pre-shared key authentication
VPN1: remote: [200.X.X.X] uses any authentication
VPN1: child: 172.16.1.0/24 === 10.1.1.0/24
Here is the connection output of 'ipsec statusall' for a IKEv2 VPN on 5.3.0:
Connections:
VPN1: 192.168.1.1...vpn.example.com IKEv2
VPN1: local: [client] uses pre-shared key authentication
VPN1: remote: [vpn.example.com] uses pre-shared key authentication
VPN1: child: 172.16.1.0/24 === 10.1.1.0/24 TUNNEL
Security Associations (1 up, 0 connecting):
VPN1[38]: ESTABLISHED 21 minutes ago, 192.168.1.1[client]...200.X.X.X[vpn.example.com]
Thanks,
Alexis.
More information about the Users
mailing list