Hi,
Is it possible to have two or more subnets, each configured with the
same srcid, dstid and peer? Currently I cannot make it work. It works
only for the first subnet in the roadwarior config file. Is is possible
at all, no matter what IPsec implementation I would like to use?
# router: /etc/ipsec.conf(5)
ike passive esp tunnel \
from 172.16.0.0/16 to any \
srcid net4511.example.com
ike passive esp tunnel \
from 192.168.1.0/24 to any \
srcid net4511.example.com
ike passive esp tunnel \
from 192.168.2.0/24 to any \
srcid net4511.example.com
ike passive esp tunnel \
from 192.168.3.0/24 to any \
srcid net4511.example.com
# roadwarior: /etc/ipsec.conf(5)
ike dynamic esp tunnel \
from egress to 172.16.0.0/16 \
peer net4511.example.com \
srcid x40.openbsd.home.lan dstid net4511.example.com
ike dynamic esp tunnel \
from egress to 192.168.3.0/24 \
peer net4511.example.com \
srcid x40.openbsd.home.lan dstid net4511.example.com
Both systems are not older than:
# sysctl -n kern.version
OpenBSD 4.4-current (GENERIC) #1050: Wed Sep 10 12:18:05 MDT 2008
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC
--
best regards
q#
