[strongSwan] Custom ID type and Terminating connection based on remote IP

Sarat Vajrapu saratvajrapu1 at gmail.com
Mon Jul 11 18:20:45 CEST 2016


I have two questions:

1. I am using CERT based authentication. By default, ID is picked from
subject of CERT or an altname can be used as ID. Is there any way I can
override the left|rightid with my custom id. For example: using an IP
address as left|rightid instead of subject name.

2. Is there any option to delete the IPsec connection based on remote
IP/name? I tried "ipsec down-srcip <>" but it did not work for me. In a
remote access scenario, if I want to delete a session of a particular
client, this will be helpful.

Your inputs are highly appreciated.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160711/aaff3a31/attachment.html>

More information about the Users mailing list