[strongSwan] Help! I can't configure Windows 10 to send remote id (leftid) for IKEv2
Marwan Khalili
choklad_321 at hotmail.com
Tue Sep 25 16:47:47 CEST 2018
Hello,
I have a strongSwan server running with the ipsec.conf pasted below.
The clients are using Windows 10 and macOS and they must be able to choose connection. I am trying to separate the connections using "leftid" with different subdomains for each connection (e.g. vpn1.example.org, vpn2.example.org).
My solution below works in macOS by matching "Remote ID" with the appropriate "leftid", however I can't get it to work in Windows 10.
I am very grateful to any help or ideas of how I can solve this.
ipsec.conf
--------------
conn %default
auto=add
dpdaction=clear
dpddelay=180s
eap_identity=%any
esp=aes256-sha256,aes256-sha1,3des-sha1!
forceencaps=yes
ike=aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024!
keyexchange=ikev2
leftcert=cert.pem
leftsendcert=always
rightauth=eap-mschapv2
rightsendcert=never
conn conn1
left=%any
leftid=@vpn1.example.org
leftsubnet=0.0.0.0/0
right=%any
rightid=%any
rightdns=8.8.8.8,8.8.4.4
rightsourceip=10.10.10.1/24
conn conn2
left=%any
leftid=@vpn2.khalili.xyz
leftsubnet=0.0.0.0/0
right=%any
rightid=%any
rightdns=8.8.8.8,8.8.4.4
rightsourceip=10.10.10.2/24
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180925/9d04532e/attachment.html>
More information about the Users
mailing list