[strongSwan] strongswan 4.5.2 multiple right subnets
jayapalatiiit at gmail.com
Thu Jun 16 11:35:22 CEST 2016
Thanks for you reply.
Earlier we were using openswan where in the config 'keyexchange=ike' is set
(which is ikev1 correct me if I am wrong). In openswan multiple subnets
with comma separated worked.
In strongswan if we setup connection for each subnet, a separate tunnel
will be created for each connection. For connection status, bring up/down
we need to do on each connection. Earlier in openswan we used to manage as
Is there any way to manage it as single vpn connection or tunnel ?
On Thu, Jun 16, 2016 at 1:20 PM, Andreas Steffen <
andreas.steffen at strongswan.org> wrote:
> Hi Jayapal,
> The IKEv1 protocol does not support comma-separated subnets, so your
> problem is independent of the strongSwan version. You must set up a
> separate connection definition for each subnet.
> On 06/16/2016 06:27 AM, Jayapal Reddy wrote:
> > Hi,
> > I am using strongswan ipsec 4.5.2. In this version multiple right
> > subnets with comma (,) separated is working only for the first subnet.
> > We have setup where up upgraded from openswan to strongswan. In this
> > setup only first right subnet is working.
> > We are using left right debain virtual router and right side Juniper SRX
> > and we are using ikev1. We can't split that into multiple connections
> > because right side Juniper srx config can't be changed because it is in
> > customer location.
> > Can some one suggest us how to resolve this. Is there patch available
> > for this ?
> > I have tried strongswan 5.2 from backports. in this setup my tunnel is
> > not coming up.
> > It is bit urgent, your inputs are highly appreciated.
> > Thanks,
> > Jayapal
> Andreas Steffen andreas.steffen at strongswan.org
> strongSwan - the Open Source VPN Solution! www.strongswan.org
> Institute for Internet Technologies and Applications
> University of Applied Sciences Rapperswil
> CH-8640 Rapperswil (Switzerland)
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users