[Swan] IKEv2 multiple subnets CIDRs on single Child SA
Frank Liu
gfrankliu at gmail.com
Tue Sep 15 18:40:07 UTC 2020
https://cloud.google.com/network-connectivity/docs/vpn/concepts/choosing-networks-routing#ts-ip-ranges
says:
*Important:* When using IKEv2, your peer VPN gateway *must* accept all of
the CIDRs in each traffic selector using a single Child SA. Not all VPN
gateways support this. VPN gateways that create a unique Child SA per CIDR
are *not* compatible with Cloud VPN.
Does Libreswan support this? I tried Strongswan and that worked, but
couldn't get it to work with Libreswan.
Thanks!
Frank
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20200915/9e22ec7a/attachment.html>
More information about the Swan
mailing list