[strongSwan] Initiator only for certain connections?
Tobias Brunner
tobias at strongswan.org
Mon Jul 18 14:01:19 CEST 2016
Hi,
> is it possible to tell StrongSwan that it should act as initiator only, but only for certain connections
auto=add? strongSwan does not initiate such connections unless
explicitly told to do so (via `ipsec up`).
> or as responder only, but again only for certain connections?
right=%any or right=<subnet>? The daemon won't be able to initiate such
connections as it doesn't know to which endpoint, so these connections
will only be usable as responder.
> For example, if I would like company A to establish a VPN connection
> into my network (but not vice versa), and I would like to establish a
> (different, of course) VPN connection to company B (but not vice versa),
> how could I achieve that?
Is there a good reason for these requirements?
Regards,
Tobias
More information about the Users
mailing list