[Swan] opportunistic ipsec configuration help

Patrisious Haddad phaddad at nvidia.com
Mon Mar 20 16:41:18 EET 2023


I'm trying to make an opportunistic IPsec configuration; below is what I have in my .conf file and my policy file.

Please note that when I use right:(my_ip) and left:(otherside_ip), my libreswan works just fine; it is only when I try to use opportunistic that I get the following error (after I do "ipsec auto --start private"):
"cannot initiate connection (serial $7) without knowing peer IP address (kind=CK_GROUP)"

I'm very new and I have no idea why it can't figure out the IP address or what I'm supposed to do, since I gave it the expected IPs' CIDR ...
(BTW, my configuration is two machines that are connected directly back to back.)

All I do is "ipsec setup --start" on both of them, then I try to do "ipsec auto --start private" on one of them. Without opportunistic, that works fine ...

Also, when I try to use left=%defaultroute, it doesn't work, same error (as a matter of fact, default route doesn't work even without opportunistic, and I'm not sure what its value is in my case ...).

Here is my .conf file:
conn private
    leftid=@west
    left=172.16.0.1
    #left=%defaultroute
    leftrsasigkey=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
    rightid=@east
    #right=172.16.0.2
    right=%opportunisticgroup
    rightrsasigkey=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
    authby=null
    auto=ondemand
    keyingtries=1
    type=transport
    nic-offload=packet

And here is my policies/private:
172.16.0.0/24

My machines have IPs of 172.16.0.1 and 172.16.0.2,
and obviously the second machine has the same policies file and a very similar .conf file (but with left and right changed accordingly).

Any idea what I'm doing wrong, or how I can get the opportunistic configuration to work?
