[strongSwan] Setup site-to-site VPN via central server
Tobias Brunner
tobias at strongswan.org
Wed Jul 20 15:33:02 CEST 2016
Hi Martin,
>> The diagrams show four hosts as I though that illustrates the
>> difference between the two approaches a bit better
>
> Maybe I am not the best reference since I started with strongSwan only 2
> weeks ago, but it is quite hard to understand why there is only A-C
> mentioned although the diagram shows A-D.
Not sure if understanding that has anything to do with how long one
knows strongSwan ;-) But I update the text.
>> Or just set leftsubnet=192.168.2.0/24,192.168.3.0/24 on the server
> Oh thanks, makes perfect sense. Is there any negation available, e.g.
> leftsubnet=192.168.0.0/16,!192.168.1.0/24
No, you'd have to define that yourself, e.g.:
leftsubnet=192.168.0.0/24,192.168.2.0/23,192.168.4.0/22,192.168.8.0/21,192.168.16.0/20,192.168.32.0/19,192.168.64.0/18,192.168.128.0/17
Regards,
Tobias
More information about the Users
mailing list