Hello,
I'm trying to set up an ikev2 connection to a remote box that has multiple
subnets behind it. I am able to pass traffic successfully when I set up my
iked.conf file to only pass traffic on a single subnet on each end, but I'd
like to set it up similar to the way you can in ipsec.conf with
ike esp from 192.168.1.0/24 to {10.10.0.0/24, 10.10.254.0/24}
Here is the iked.conf that I'm working from
ikev2 "test1" esp \
from 10.50.3.0/24 to 10.10.0.0/24 \
peer 1.2.3.4 \
ikesa enc aes-128 auth hmac-sha1 group modp1024 \
childsa enc aes-128 auth hmac-sha1 \
psk "password123"
This works fine and allows me to pass traffic back and forth without issues.
ikev2 "test1" esp \
from 10.50.3.0/24 to 10.10.0.0/24 \
from 10.50.3.0/24 to 10.10.254.0/24 \
peer 1.2.3.4 \
ikesa enc aes-128 auth hmac-sha1 group modp1024 \
childsa enc aes-128 auth hmac-sha1 \
psk "password123"
I am only able to pass traffic from the second rule - 10.50.3.0/24 <->
10.10.254.0/24
How can I set up my iked.conf to pass traffic to both remote subnets?
Thanks,
Mattias