[Swan] Possible to setup multiple connections, partly behind NAT?
Paul Wouters
paul at nohats.ca
Tue Feb 13 16:52:10 EET 2024
On Tue, 13 Feb 2024, Phil Nightowl wrote:
> conn headq
> left=%defaultroute
> leftcert=remotehost1
> leftid=%fromcert
> right=198.51.100.33
> rightid=%fromcert
> leftsubnet=0.0.0.0/0
> rightsubnet=0.0.0.0/0
What are you trying to do here? Where does 0.0.0.0/0 live? It cannot
live at both sides of the tunnel. Where would a packet for 1.2.3.4
need to go? To left or to right?
Are you trying to make a route based VPN without using an ipsec interface?
Paul
More information about the Swan
mailing list