[strongSwan] multiple subnet in local_ts and remote_ts in swanctl.conf

Guylain Lavoie guylainlavoie at gmail.com
Thu May 11 03:56:52 CEST 2017


Hi,

I am trying to establish a site to site tunnel from my client to a
strongswan server. On the client I have tried to add two subnets into
remote_ts separated by a comma but only the first one is ever taken into
account.

For example, if on the client I have:

local_ts=10.1.0.0/24
remote_ts=10.2.0.0/24,10.3.0.0/24

the only child SA that will be created will be 10.1.0.0/24 == 10.2.0.0/24.
If I change the ordering of the subnets in remote_ts like this:

remote_ts=10.3.0.0/24,10.2.0.0/24

I end up with the following child SA 10.1.0.0/24 == 10.3.0.0/24.

If I understand the documentation correctly, it should be possible. Am I
right?

Obviously, I could create two child SAs, but it gets a bit heavy if I have
several subnets in both local_ts and remote_ts. I would really prefer to
have only one child SA.

I am currently using version 5.5.1 of the client.

Thanks,
Guylain