[Swan] Libreswan 4.3 | Failing with dropping unexpected IKE_SA_INIT message containing NO_PROPOSAL_CHOSEN notification
Paul Wouters
paul at nohats.ca
Wed Mar 24 19:36:56 UTC 2021
On Thu, 25 Mar 2021, Blue Aquan wrote:
> Server side
>
> conn MOBILE
> left=europa.abc.com
> leftsubnet=192.168.1.0/24
> right=%any
> rightaddresspool=10.10.128.10-10.10.128.20
add leftid=@europa.abc.com
> Client side
>
> conn EUROPA
> left=%defaultroute
> leftsubnet=10.10.128.0/24
> right=europa.abc.com
> rightsubnet=192.168.1.0/24
> rightid=@europa.abc.com
I cannot tell whether you want a tunnel established from 10.10.128.0/24 <-> 192.168.1.0/24
Or that you want to hand out an addresspool to the client via rightaddresspool=
If you meant a subnet to subnet, then on the conn MOBILE replace the
addresspool line with rightsubnet=10.10.128.0/24
If you meant giving it a single IP, then remote the
rightsubnet=192.168.1.0/24 and add rightsubnet=0.0.0.0/0 with narrowing=yes
Paul
More information about the Swan
mailing list