[strongSwan] Ipv6 subnet aggregation on SA
Kevin Maziere
kevin at kbrwadventure.com
Thu Jun 23 14:59:23 CEST 2016
Hi,
My setup :
* ....*
*conn base-rw #configuration for roadwarrior= left=%any leftid=my.id.com
<http://my.id.com>
leftsubnet=172.16.0.0/12,2001:41d0:dddd:dd01::/64,2001:41d0:dddd:dd02::/64,2001:41d0:dddd:dd03::/64,2001:41d0:dddd:dd04::/6,2001:41d0:dddd:dd05::/64
<http://172.16.0.0/12,2001:41d0:dddd:dd01::/64,2001:41d0:dddd:dd02::/64,2001:41d0:dddd:dd03::/64,2001:41d0:dddd:dd04::/6,2001:41d0:dddd:dd05::/64>
#leftfirewall=yes right=%any
rightsourceip=192.168.100.0/24,2001:41d0:dddd:ddaa::/64
<http://192.168.100.0/24,2001:41d0:dddd:ddaa::/64>....*
And when I start it :
----
*CHILD_SA ssh{1} established with SPIs ce3ec08f_i ccfea7af_o and TS
192.168.100.1/32 <http://192.168.100.1/32> 2001:41d0:9a:dddd:ddaa::1/128
=== 172.16.0.0/12 <http://172.16.0.0/12> 2000::/6 *
So why the SA is for 2000/6 ??
Any ideas ?
Kévin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160623/f1a45d84/attachment.html>
More information about the Users
mailing list