[strongSwan] Multiple rightsubnet
Levente
leventelist at gmail.com
Mon Jul 31 14:01:43 CEST 2017
Thank you for getting back to me. I'll try that.
Lev
On Mon, Jul 31, 2017 at 11:08 AM, Noel Kuntze
<noel.kuntze+strongswan-users-ml at thermi.consulting> wrote:
> Hi,
>
> The documentation has: https://wiki.strongswan.org/projects/strongswan/wiki/FAQ#Multiple-subnets-per-SA
>
> Kind regards
>
> Noel
>
>
> On 31.07.2017 11:04, Levente wrote:
>> Dear list,
>>
>>
>> I try to set up multiple subnet in rightsubnet. As per the
>> documentation, we use the notation like this:
>>
>> rightsubnet=10.132.207.0/27, 192.168.1.0/24
>>
>> in ipsec.conf.
>>
>> What I see is that only the first subnet is created. The other end is
>> a Checkpoint firewall.
>>
>> I also tried creating multiple independent tunnels, but then I get
>> invalid key exchange error. On the firewall, we see 'invalid key
>>
>> If we create only one tunnel, it is working for any subnet.
>>
>> I tried the whole setup with a pfsense firewall and there are no problems.
>>
>> Anyone have same experience? ...or maybe some pointers?
>>
>> Thank you,
>> Levente
>
More information about the Users
mailing list