Re: [strongSwan] multiple ipsec tunnels (multiple ipsec/esp SAs between 2 peer gws with 1 IKE SA)

15[CFG] looking for peer configs matching 172.17.10.10[srv.strongswan.org]...172.17.10.253[c5-1.strongswan.org] 15[CFG] no matching peer config found 15[ENC] generating IKE_AUTH response 1 [ N(AUTH_FAILED) ] conn rw-server left=172.17.10.10 leftsubnet=192.168.20.0/24

Re: [strongSwan] regarding reauthenticating IKE_SA due to address change

Hi Ujial, Interface eth1 ipaddress is given as : 10.29.11.66 /16 and the viratual ip address 10.29.11.67/16 http://10.29.11.67/16 . The tunnels as follows 1)10.29.11.66--10.29.11.36 2)10.29.11.67--10.29.11.36 This

Re: [strongSwan] multiple ipsec tunnels (multiple ipsec/esp SAs between 2 peer gws with 1 IKE SA)

Hi The problem is not the secret, but that no config matches on your responder. leftid defaults to left (172.17.10.10), but actually is srv.strongswan.org. Try leftid=srv.strongswan.org, or even leftid=%any. I did just that, i used leftid=%any on the rw-server. But when i start the ipsec (ipsec

Re: [strongSwan] multiple ipsec tunnels (multiple ipsec/esp SAs between 2 peer gws with 1 IKE SA)

Hi One more followup info. On the m/c enabled with load-tester plugin and simulating multiple rw-clients, i have the following strongswan.conf config file: --- # strongswan.conf - strongSwan configuration file charon