[Swan] IPv6 implicit connection
Paul Wouters
paul at nohats.ca
Wed May 27 06:04:13 EEST 2015
On Tue, 26 May 2015, Brandon Enochs wrote:
> Are IPv6 host to host connections with right specified as a subnet supported?
Yes, for example:
ipsec.conf:
conn ipv6
left=2001:db8:1:2::45
leftid="@west"
right=2001:db8:1:2::23
rightsubnet=2001:db8:0:2::/64
rightid="@east"
auto=ondemand
authby=secret
ipsec.secrets:
2001:db8:1:2::45 2001:db8:1:2::23 : PSK "secret"
If your endpoints (left/right) are IPv4, and your subnet is IPv6, then
you need a leftsubnet as well (with an ipv6 range) because both need to
be of the same IP address family, and you need to add connaddrfamily=6
Paul
More information about the Swan
mailing list