[strongSwan] Tunnels with dynamic IP and another route issue

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Thu Apr 27 22:57:24 CEST 2017

On 27.04.2017 22:38, Dusan Ilic wrote:
> I would really appreciate some help with below also, Im having a Hard time understanding how Strongswan chooses connection definitions and ipsec secrets.
Based on IPs, identities and authentication methods.
> For example, how can I setup an ikev2 psk tunnel between two hosts with dynamic dns?
Look at the "site-2-dynamic-ip" example at the UsableExamples page[1] for a configuration that uses
certificates for authentication. Read the text at the beginning of the page.
> Can I have several ip secrets or connections with %any?
No. One secret per identity.
> Ive tried with %dyndns but seem to get some errors about constraints and such. If someone would give me an explanation that would be great!
You need to paste logs to get help.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170427/87493581/attachment.sig>

More information about the Users mailing list