[Swan] no work - Subnet extrusion - in CentOS 6.8
Sergey Mihailov
sergey.mihailov at gmail.com
Wed Jul 27 04:57:32 UTC 2016
config-1:
------------
conn mytunnel
leftid=@off1.net.prn.int
left=192.168.121.17
leftsourceip=192.168.129.254
leftsubnet=192.168.128.0/23
leftrsasigkey=0sAQ1xad9N4...
#
rightid=@main.prn.int
right=192.168.121.1
rightsourceip=192.168.1.60
rightsubnet=0.0.0.0/0
rightrsasigkey=0sAQMCfFm...
#
authby=rsasig
auto=start
conn 129-exclude
left=192.168.129.254
leftsubnet=192.168.129.0/24
right=0.0.0.0
rightsubnet=192.168.129.0/24
authby=never
type=passthrough
auto=route
conn 128-exclude
left=192.168.128.250
leftsubnet=192.168.128.0/24
right=0.0.0.0
rightsubnet=192.168.128.0/24
authby=never
type=passthrough
auto=route
config-2:
------------
conn mytunnel
leftid=@off1.net.prn.int
left=192.168.121.17
leftsourceip=192.168.129.254
leftsubnets={192.168.129.0/24 192.168.128.0/24}
leftrsasigkey=0sAQ1xad9N4...
#
rightid=@main.prn.int
right=192.168.121.1
rightsourceip=192.168.1.60
rightsubnet=192.168.1.0/24
rightrsasigkey=0sAQMCfFm...
#
authby=rsasig
auto=start
config1 - no works.
config2 - works.
Thanks.
2016-07-26 11:44 GMT+03:00 Paul Wouters <paul at nohats.ca>:
The config on the libreswan wiki page is correct, so you must
> have misunderstood it? You can try sharing the full config
> again from one of the branch offices, so we can have a look.
>
> Paul
>
--
mx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20160727/0bdbf67f/attachment.html>
More information about the Swan
mailing list