[Swan] IPsec/L2TP Subnet Restriction
Bob Miller
bob at computerisms.ca
Wed Mar 30 16:06:27 UTC 2016
Hi Chris,
> conn RWConn # road warrior connection description
> authby=secret
> pfs=no
> auto=add
> keyingtries=3
> rekey=no
> type=transport
> left=x.x.x.x
> leftnexthop=%defaultroute
> leftprotoport=17/1701
I usually put here 17/%any
> leftsubnets={ 192.168.10.0/24 }
try leftsubnet=192.168.10.0/24 instead of leftsubnets
> right=%any
>
> rightsubnet=vhost:%priv,%no
Make sure the virtual_private= line contains %v4:!192.168.10.0/24
hope it helps
More information about the Swan
mailing list