[strongSwan] Multiple rightsubnet

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Mon Jul 31 11:08:17 CEST 2017


Hi,

The documentation has: https://wiki.strongswan.org/projects/strongswan/wiki/FAQ#Multiple-subnets-per-SA

Kind regards

Noel


On 31.07.2017 11:04, Levente wrote:
> Dear list,
>
>
> I try to set up multiple subnet in rightsubnet. As per the
> documentation, we use the notation like this:
>
> rightsubnet=10.132.207.0/27, 192.168.1.0/24
>
> in ipsec.conf.
>
> What I see is that only the first subnet is created. The other end is
> a Checkpoint firewall.
>
> I also tried creating multiple independent tunnels, but then I get
> invalid key exchange error. On the firewall, we see 'invalid key
>
> If we create only one tunnel, it is working for any subnet.
>
> I tried the whole setup with a pfsense firewall and there are no problems.
>
> Anyone have same experience? ...or maybe some pointers?
>
> Thank you,
> Levente

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170731/e3ff8af8/attachment.sig>


More information about the Users mailing list