[strongSwan] Net to net double nat problem
Tobias Brunner
tobias at strongswan.org
Fri Jun 5 09:48:37 CEST 2020
Hi,
> children {
> net {
> local_ts = 172.28.10.0/24
>
> if_id_out = 42
> if_id_in = 42
> }
> }
> ...
> charon-systemd[134046]: traffic selectors 5.2.2.2.2/32 ===
> 192.168.0.2/32 unacceptable
You haven't specified a remote traffic selector, so it defaults to the
public remote IP address. Since the responder apparently used its
private IP as traffic selector that won't match. You'll probably want
to configure the remote traffic selector explicitly (remote_ts).
Regards,
Tobias
More information about the Users
mailing list