[Swan] Possible to setup multiple connections, partly behind NAT?
Paul Wouters
paul at nohats.ca
Wed Feb 21 20:34:15 EET 2024
On Wed, 21 Feb 2024, Phil Nightowl wrote:
> Server conf:
>
> conn remotesite
> left=%defaultroute
> leftcert=server
> leftsubnet=192.168.1.253/32
> right=%any
> rightaddresspool=192.0.2.0/24
> auto=add
> ikev2=yes
> authby=rsasig
> leftid=%fromcert
> rightid=%fromcert
> leftrsasigkey=%cert
> rightrsasigkey=%cert
> pfs=yes
> aggressive=no
> salifetime=1h
> negotiationshunt=hold
> failureshunt=drop
> rekey=no
add narrowing=yes on the serer as well.
Paul
More information about the Swan
mailing list