<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
        {font-family:"Cordia New";
        panose-1:2 11 3 4 2 2 2 2 2 4;}
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0in;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:blue;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:#954F72;
        text-decoration:underline;}
.MsoChpDefault
        {mso-style-type:export-only;}
@page WordSection1
        {size:8.5in 11.0in;
        margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
        {page:WordSection1;}
--></style></head><body lang=EN-US link=blue vlink="#954F72"><div class=WordSection1><p class=MsoNormal>Hi Joe, </p><p class=MsoNormal>Libreswan3-2.1/Ikev2/Centos 7.5 , it will say – syntax error <o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal> </p><p class=MsoNormal>Sent from <a href="https://go.microsoft.com/fwlink/?LinkId=550986">Mail</a> for Windows 10</p><p class=MsoNormal><o:p> </o:p></p><div style='mso-element:para-border-div;border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal style='border:none;padding:0in'><b>From: </b><a href="mailto:Joe.Madden@mottmac.com">Madden, Joe</a><br><b>Sent: </b>Thursday, September 27, 2018 22:15<br><b>To: </b><a href="mailto:satavee@gmail.com">Satavee Junwana</a>; <a href="mailto:jkephart@safetynetaccess.com">J Kephart</a><br><b>Cc: </b><a href="mailto:swan@lists.libreswan.org">swan@lists.libreswan.org</a><br><b>Subject: </b>RE: [Swan] rightsubnets</p></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><span lang=EN-GB>I believe it should be like this:<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB>It should be like this:<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB>rightsubnets=<a href="https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2F172.16.1.0%2F24&data=01%7C01%7Cjoe.madden%40mottmac.com%7C09972c5374bc48cd3b4608d62489d0dc%7Ca2bed0c459574f73b0c2a811407590fb%7C0&sdata=fUe4dlIfdwohxNUVnEu9iKjr9vMjql730khGfVUXiYw%3D&reserved=0">172.16.1.0/24</a>,<a href="https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2F192.168.3.0%2F24&data=01%7C01%7Cjoe.madden%40mottmac.com%7C09972c5374bc48cd3b4608d62489d0dc%7Ca2bed0c459574f73b0c2a811407590fb%7C0&sdata=zZF9%2FeGuSc1s3kRwTYpQVdbAEnUl0DkD4gCpjWPDTl4%3D&reserved=0">192.168.3.0/24</a><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB>Cheers.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB>Joe.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0in 0in 0in'><p class=MsoNormal><b>From:</b> Swan <swan-bounces@lists.libreswan.org> <b>On Behalf Of </b>Satavee Junwana<br><b>Sent:</b> 27 September 2018 15:59<br><b>To:</b> J Kephart <jkephart@safetynetaccess.com><br><b>Cc:</b> swan@lists.libreswan.org<br><b>Subject:</b> Re: [Swan] rightsubnets<o:p></o:p></p></div></div><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-GB> I also have the same problem for ikev2., <br>Libreswan initiate phase1 for each submet. But there has no problem wth ikve1 ... noted:libreswarn-3.26<o:p></o:p></span></p><div id=AppleMailSignature><p class=MsoNormal><span lang=EN-GB>Sent via Iphone<o:p></o:p></span></p></div><div><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-GB><br>On 27 Sep 2018, at 21:47, J Kephart <<a href="mailto:jkephart@safetynetaccess.com">jkephart@safetynetaccess.com</a>> wrote:<o:p></o:p></span></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-GB><o:p> </o:p></span></p><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><div><div><div><div><div><p class=MsoNormal><span lang=EN-GB>What is right way to put in config r amore than one subnet?<o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-GB>On some forums i find:<o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-GB>rightsubnets={<a href="https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2F172.16.1.0%2F24&data=01%7C01%7Cjoe.madden%40mottmac.com%7C09972c5374bc48cd3b4608d62489d0dc%7Ca2bed0c459574f73b0c2a811407590fb%7C0&sdata=fUe4dlIfdwohxNUVnEu9iKjr9vMjql730khGfVUXiYw%3D&reserved=0">172.16.1.0/24</a> <a href="https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2F192.168.3.0%2F24&data=01%7C01%7Cjoe.madden%40mottmac.com%7C09972c5374bc48cd3b4608d62489d0dc%7Ca2bed0c459574f73b0c2a811407590fb%7C0&sdata=zZF9%2FeGuSc1s3kRwTYpQVdbAEnUl0DkD4gCpjWPDTl4%3D&reserved=0">192.168.3.0/24</a>}<o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-GB>rightsubnets={<a href="https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2F172.16.1.0%2F24%2C192.168.3.0%2F24&data=01%7C01%7Cjoe.madden%40mottmac.com%7C09972c5374bc48cd3b4608d62489d0dc%7Ca2bed0c459574f73b0c2a811407590fb%7C0&sdata=goPl%2B6qs1e7TIB0iRjtO9qU80WYQh%2FxenbNQTKMdYV4%3D&reserved=0">172.16.1.0/24,192.168.3.0/24</a>}<br>rightsubnets={<a href="https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2F172.16.1.0%2F24%2C192.168.3.0%2F24%2C&data=01%7C01%7Cjoe.madden%40mottmac.com%7C09972c5374bc48cd3b4608d62489d0dc%7Ca2bed0c459574f73b0c2a811407590fb%7C0&sdata=8bGTKZKrrQPPMHtnQd4CiQvLFLrrz8Y%2BSyP4D2NcdK4%3D&reserved=0">172.16.1.0/24,192.168.3.0/24,</a>}<o:p></o:p></span></p></div><div><p class=MsoNormal><span lang=EN-GB>What variant right?<o:p></o:p></span></p></div><p class=MsoNormal><span lang=EN-GB><o:p> </o:p></span></p></div></div></div></div></blockquote></div></blockquote><p class=MsoNormal style='mso-margin-top-alt:0in;margin-right:.5in;margin-bottom:5.0pt;margin-left:.5in'><span lang=EN-GB><br>Eugeniy, use the comma-separated format.  That's the one that worked for us.<br><br>-- Jim<o:p></o:p></span></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>