[strongSwan] connection from private networks?
Volodymyr Litovka
doka.ua at gmx.com
Tue Jan 5 22:18:04 CET 2021
Hello colleagues,
I added yet another connection (absolutely similar to others - on both
server and client side, except source WAN address) to the config and
this endpoint can not connect:
charon-systemd[89567]: ike config match: 0 (x.x.x.x...%any IKEv2)
charon-systemd[89567]: ike config match: 0 (x.x.x.x...y.y.y.y IKEv2)
charon-systemd[89567]: ike config match: 0 (x.x.x.x...z.z.z.z IKEv2)
charon-systemd[89567]: ike config match: 0 (x.x.x.x...%any IKEv2)
charon-systemd[89567]: message repeated 6 times: [ ike config match: 0 (x.x.x.x...%any IKEv2)]
the only difference between this one and other (with same config as I
said above) is source address - this one which is failing is the only
one which connects from private networks, other connections are from
Internet.
Connectivity is ok, hosts can ping each other, so no issues on network
side. For some reasons, Strongswan can not find connection's config.
Sorry for probably stupid question, but the quick question at the moment
is - can be there some restrictions in Strongswan which prevent
connections from RFC1918 networks and, if they are, where are they?
Thank you.
--
Volodymyr Litovka
"Vision without Execution is Hallucination." -- Thomas Edison
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20210105/3948b891/attachment.html>
More information about the Users
mailing list