[Swan] rightsubnets

Satavee Junwana satavee at gmail.com
Thu Sep 27 15:41:40 UTC 2018 

Hi Joe,
Currently I have Libreswan-3.21rc5/CenOS6.9, it working fine either ikev1 or ikev2 –

But I’m planed and testing for updating to CentOS7.X/Libreswan-3.26, as mentioned on previous email 

I;’ve configuration that working fine with IKEv1, just only change to IKEv2 … 


Libreswan keep initial phase 1 for both/all subnet  and “YES” as you said its only work latest subnet that we “ipssec auto –up ….”
 
Sent from Mail for Windows 10

From: Madden, Joe
Sent: Thursday, September 27, 2018 22:31
To: Eugeniy Khvastunov; nick at howitts.co.uk
Cc: swan at lists.libreswan.org
Subject: Re: [Swan] rightsubnets

In all cases work only last subnet from list.

I had the same issue with a StrongSwan instance as the remote end.

This was the issue:

https://www.mail-archive.com/search?l=swan@lists.libreswan.org&q=subject:%22Re%5C%3A+%5C%5BSwan%5C%5D+Tunnels+coming+establishing+and+dropping+quickly%22&o=newest&f=1



From: Swan <swan-bounces at lists.libreswan.org> On Behalf Of Eugeniy Khvastunov
Sent: 27 September 2018 15:50
To: nick at howitts.co.uk
Cc: swan at lists.libreswan.org
Subject: Re: [Swan] rightsubnets

In all cases work only last subnet from list.
P.S.: libreswan-3.23-5.el7_5.x86_64

On Thu, Sep 27, 2018 at 5:46 PM Nick Howitt <nick at howitts.co.uk> wrote:
AFAIK the first and second work. At a guess the third might. Try it and see if you connections instantiate as expected.
On 27/09/2018 15:41, Eugeniy Khvastunov wrote:
Hi all!
What is right way to put in config more than one subnet?
On some forums i find:
rightsubnets={172.16.1.0/24 192.168.3.0/24}
rightsubnets={172.16.1.0/24,192.168.3.0/24}
rightsubnets={172.16.1.0/24,192.168.3.0/24,}
What variant right?
-- 
wbr. Eugeniy Khvastunov,
   System administrator.
       [FMGH-UANIC]
 http://blog.unlimite.net

_______________________________________________
Swan mailing list
Swan at lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan

_______________________________________________
Swan mailing list
Swan at lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan


-- 
wbr. Eugeniy Khvastunov,
   System administrator.
       [FMGH-UANIC]
 http://blog.unlimite.net

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20180927/f478ba1a/attachment.html>

More information about the Swan mailing list