[Swan] no work - Subnet extrusion - in CentOS 6.8
Sergey Mihailov
sergey.mihailov at gmail.com
Mon Jul 25 06:17:32 UTC 2016
( Sorry Bad my english )
Its correct ? :
( remote side )
---
conn mytunnel
leftid=@off1.net.prn.int
left=192.168.121.17
leftsourceip=192.168.129.254
leftsubnets={192.168.129.0/24 192.168.128.0/24} # <--- ? (subnets)
leftrsasigkey=0sAQ1xad9N...
#
rightid=@main.prn.int
right=192.168.121.1
rightsourceip=192.168.1.60
rightsubnet=0.0.0.0/0
rightrsasigkey=0sAQMCfFm....
#
authby=rsasig
auto=start
conn 129-exclude
left=0.0.0.0 # <---- ? (left)
leftsubnet=192.168.129.0/24
right=192.168.129.254
rightsubnet=192.168.129.0/24
authby=never
type=passthrough
auto=route
conn 128-exclude
left=192.168.128.250
leftsubnet=192.168.128.0/24
right=0.0.0.0 # <----- ? (right)
rightsubnet=192.168.128.0/24
authby=never
type=passthrough
auto=route
---
No really works in CentOS 6.8 + updates.
I see : https://libreswan.org/wiki/Subnet_extrusion
...
conn branch1 # <--- ? ( branch1 )
left=1.2.3.4
leftid=@headoffice
leftsubnet=0.0.0.0/0
leftrsasigkey=0sA[...]
#
right=10.11.12.13
rightid=@branch2 # <---- ? ( branch2 )
righsubnet=10.0.1.0/24
rightrsasigkey=0sAYYYY[...]
#
auto=start
authby=rsasigkey
conn passthrough
left=1.2.3.4 # <--- ? ( from headoffice)
right=0.0.0.0
leftsubnet=10.0.1.0/24 # <--- ? ( from brach2 )
rightsubnet=10.0.1.0/24
authby=never
type=passthrough
auto=route
...
strange :(
Thanks.
--
mx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20160725/32c0f564/attachment.html>
More information about the Swan
mailing list