[Swan] ip based on certs
Wolfgang Nothdurft
wolfgang at linogate.de
Thu Feb 1 09:57:15 EET 2024
Am 01.02.24 um 02:41 schrieb Paul Wouters:
> On Wed, 31 Jan 2024, Marc wrote:
>
>> I am using this libreswan setup[1]
>>
>> I was wondering what would be the best practice to assign the same ip
>> (from the rightaddresspool) to a client using a specific certificate.
>> Maybe based on this rightid=%fromcert?
>
> It's on our TODO list, see
> https://github.com/libreswan/libreswan/issues/473
>
> Paul
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
>
Isn't that already possible if you use the same configuration for every
client and change only rightid and rightadresspool like:
conn client1
...
rightid=client1
rightadresspool=10.10.20.1-10.10.20.1
conn client2
...
rightid=client2
rightadresspool=10.10.20.2-10.10.20.2
Wolfgang
More information about the Swan
mailing list