[Swan] Multiple devices behind single NAT IP
Paul Wouters
pwouters at redhat.com
Wed Aug 7 15:15:25 EEST 2013
On Mon, 5 Aug 2013, Mike C wrote:
> Is there a way to force connection identification to be performed only after the peer IDs are sent in IKEv1 main mode?
No. It's the reason they came up with Aggressive Mode.
> Or IKEv2,
IKEv2 is like IKEv1 Aggressive Mode.
> In case it's of use see http://pastebin.com/dVFQbcTt with the full plutodebug=all output. In both cases, I'm trying to bring
> 'routers-13', having added it first to the server followed by 'routers-12'.
I'd have to check into this later. It should be possible to have
multiple connections like that. Not sure yet why it fails for you.
Paul
More information about the Swan
mailing list