[Swan] Understanding left/rightsubnet for "VPN server for remote clients using IKEv2"

Tuomo Soini tis at foobar.fi
Mon Mar 28 16:10:52 EEST 2022

On Mon, 28 Mar 2022 11:47:07 +0200
Brady Johnson <bradyjoh at redhat.com> wrote:

> Tuomi,
> Thank you for your reply.
> I will put the client on a different subnet, but as it is now it is
> creating a working tunnel between the 2 hosts.

No. server and client being in same subnet is not your issue - the
protected subnets are your issue - you need to understand basic
networking - IPsec is policy based but still network connection must be
routable. So you must have different subnets on different ends of the

about - that is default route.

Tuomo Soini <tis at foobar.fi>
Foobar Linux services
+358 40 5240030
Foobar Oy <https://foobar.fi/>

More information about the Swan mailing list