[Swan] How to handle multiple networks on both ends?
Xinwei Hong
xhong at skytap.com
Fri Jan 20 00:49:22 UTC 2017
Hi,
Another question. If I have multiple networks on both side of the ipsec
tunnel, I assume we would need use leftsubnets/rightsubnets to specify
multiple networks. However, in my last email, we found that
leftsourceip/rightsourceip are required. Since we have multiple networks
now, what address should be used as the sourceip?
Also, with our current setting using racoon, we can add/remove subnets on
the fly once the tunnel is established. We just do some spdadd to tell the
tunnel new subnets. To do the same thing, do we have to make change to
ipsec.conf file and restart pluto daemon now? We want the existing
connections uninterrupted.
Thanks,
Xinwei
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20170119/84df6aab/attachment.html>
More information about the Swan
mailing list