[Swan-dev] What does "missing v2CP reply" mean?
Brady Johnson
bradyjoh at redhat.com
Tue Feb 27 17:46:51 EET 2024
Right, but for this use case we didnt want the server to assign an IP to
the client.
Thanks,
*Brady Johnson*
Principal Software Engineer
Telco Verification Ecosystems Engineering
brady.johnson at redhat.com
On Tue, Feb 27, 2024 at 4:40 PM Paul Wouters <paul at nohats.ca> wrote:
> On Tue, 27 Feb 2024, Brady Johnson via Swan-dev wrote:
>
> > We tried several changes to the client nmstate configuration. Setting
> "ipv4: dhcp: false" caused a configuration error in nmstate.
> > We have created a bug for that and the nmstate team is working on it.
> > Then, we tried with the same client nmstate configuration, but added
> "leftmodecfgclient: false" and this allowed us to establish the
> > tunnel.
> >
> > So, apparently, the "ipv4: dhcp: true" nmstate configuration causes the
> client to request IP addresses and DNS. And setting
> > "leftmodecfgclient: false" overrides that in the nmstate configuration.
>
> Note that for libreswan 5.0, the client should use something like:
>
> leftsubnet=0.0.0.0/0,::/0
>
> And the server should use something like:
>
> rightaddresspool=100.64.13.0/24,2a03:6000:1005::/97
>
> and it will hand out both v4 and v6 addresses on the same single IPsec
> SA.
>
> Paul
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20240227/20dac5e0/attachment.htm>
More information about the Swan-dev
mailing list