On Sun, 11 Jan 2015, Ali Gangji wrote: > ipsec.conf connection config: > > type=transport > pfs=no > keyingtries=0 > left=192.168.1.102 > leftsubnet=192.168.1.0/24 > right=XXX.dyndns.org > rightid=192.168.0.X > rightsubnet=192.168.0.0/24 wait, you must use type=tunnel if you have subnets. Paul