[strongSwan] client virtual ip address assignment issue with dhcp
Noel Kuntze
noel.kuntze+strongswan-users-ml at thermi.consulting
Tue Apr 25 11:25:43 CEST 2017
Hello Alex,
On 25.04.2017 10:48, Alex Sharaz wrote:
> ens1f0 Link encap:Ethernet HWaddr 00:14:4f:0d:d0:c8
> inet addr:144.32.128.198 Bcast:144.32.129.255 Mask:255.255.254.0
> inet6 addr: 2001:630:61:180::1:c6/64 Scope:Global
> inet6 addr: fe80::214:4fff:fe0d:d0c8/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:5882984 errors:0 dropped:5307 overruns:0 frame:0
> TX packets:995070 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:1009471362 (1.0 GB) TX bytes:264680178 (264.6 MB)
> Interrupt:30 Memory:b3d80000-b3da0000
>
> ens1f1 Link encap:Ethernet HWaddr 00:14:4f:0d:d0:c9
> inet addr:10.16.35.121 Bcast:10.16.35.127 Mask:255.255.255.248
> inet6 addr: fe80::214:4fff:fe0d:d0c9/64 Scope:Link
> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
> RX packets:21887 errors:0 dropped:0 overruns:0 frame:0
> TX packets:1313 errors:0 dropped:0 overruns:0 carrier:0
> collisions:0 txqueuelen:1000
> RX bytes:1428333 (1.4 MB) TX bytes:216885 (216.8 KB)
> Interrupt:32 Memory:b3de0000-b3e00000
>
It that's Linux, please stop using ifconfig. It's part of the net-tools family that's been deprecated
and unmaintained since the early 2000s. Use iproute2 instead.
> The 3rd one however fails as the dhcp server sees a request from interface ends1f1 and tells me there isn't an ip address pool defined for address space 10.16.35..../x, which is correct, there isn't.
>
> Do I have to create another interface on the von server in address space 172.18.64.0/24 <http://172.18.64.0/24> and tell dhcp to send reqyuestout via that?
No, you don't need another interface. You can either do some DHCP relay chaining or make your DHCP server serve the subnet on the network ends1f1 is connected to.
--
Noel Kuntze
IT security consultant
GPG Key ID: 0x0739AD6C
Fingerprint: 3524 93BE B5F7 8E63 1372 AF2D F54E E40B 0739 AD6C
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170425/a13dce8e/attachment.sig>
More information about the Users
mailing list