[Swan] net-to-net for road warriors
Nick Howitt
nick at howitts.co.uk
Wed Jan 23 16:47:50 UTC 2019
Left and Right don't really matter. Libreswan will work out which is
which. Some conventions say Left=Local but it does not have to. You can
also do Left=HQ and Right=somewhere-else-or-roadwarriorc then you can
(sometimes) just copy the config file from HQ to remote and it will work.
Why does that line look wrong?
In the past you were not allowed blank lines in a config. I don't know
if that has been fixed now. Otherwise you have some.
On 23/01/2019 16:23, Alex wrote:
>> Try adding a line "interfaces=%defaultroute" to config setup.
> That does not appear to have made a difference.
>
> Just to be sure, should leftsubnet and rightsubnet remain the same on
> both sides?
>
> When using the config on the dynamic IP side, it seems to have gotten
> the route wrong:
>
> 000 "mysubnet":
> 192.168.1.0/24===68.192.251.223[@orion-wyckoff]---68.192.248.1...%any[@wyckoff-orion]===192.168.11.0/24;
> unrouted; eroute owner: #0
>
> The 192.168.1.0/24 network is on the server (left) side. The
> 192.168.11.0/24 is on the dynamic (right) side.
>
> Thanks,
> Alex
More information about the Swan
mailing list