Re: [Swan] subnet-to-subnet config

2019-02-09 Thread Alex
Hi,
> >> Add left/rightsourceip. Note you only need it for the local end but there
> >> is no harm adding it for both ends. For subnet/subnet connections the
> >> routing table is not used (check out "ip xfrm policy" and "ip xfrm
> >> state"). You only get the routing entry if you use

[Swan-commit] Changes to ref refs/heads/master

2019-02-09 Thread Paul Wouters
New commits: commit fc0d23af73c6694a1fc114adfae9063eaa4995e7 Author: Paul Wouters Date: Fri Feb 8 17:16:06 2019 -0500 testing: change delete-sa-04 into an ikev1- and ikev2- variant ___ Swan-commit mailing list Swan-commit@lists.libreswan.org

Re: [Swan] subnet-to-subnet config

2019-02-09 Thread Paul Wouters
On Sat, 9 Feb 2019, Alex wrote:
conn orion-wyckoff-subnets
    also=orion-wyckoff
    rightsubnet=192.168.11.0/24
    leftsubnet=192.168.1.0/24
Add left/rightsourceip. Note you only need it for the local end but there is no harm adding it for both ends. For subnet/subnet

Re: [Swan] subnet-to-subnet config

2019-02-09 Thread Alex
Hi,
> Hi, I'm trying to build a subnet-to-subnet VPN with libreswan-3.27 on
> fedora28 and having some trouble. Should the subnets already exist on
> the remote networks, or does libreswan create them? When I use the
> config below, the networks disappear from the routing table and the
> servers

[Swan-commit] Changes to ref refs/heads/master

2019-02-09 Thread D. Hugh Redelmeier
New commits: commit a38bf74755916ec12e0915107e50e684e8ed764a Author: D. Hugh Redelmeier Date: Sat Feb 9 13:12:29 2019 -0500 pluto: x509.c: simplify odd dataflow in add_cert_san_pubkeys

[Swan-commit] Changes to ref refs/heads/master

2019-02-09 Thread D. Hugh Redelmeier
New commits: commit 24f233b234fb3f8c19d70bfe1a65417e1fe4b094 Author: D. Hugh Redelmeier Date: Sat Feb 9 12:48:36 2019 -0500 pluto: tidying around certificate code - note and affirm that struct certs member "cert" is never NULL - reduce scope of some auto variables

[Swan-commit] Changes to ref refs/heads/master

2019-02-09 Thread D. Hugh Redelmeier
New commits: commit 22839400b4324822d076ab49f1880a545903ac20 Author: D. Hugh Redelmeier Date: Sat Feb 9 11:52:00 2019 -0500 pluto: x509.c: simplify show_cert_t and its users commit f73235e68ecf6413af8c5a5d6b0d0afd9d7d73b8 Author: D. Hugh Redelmeier Date: Sat Feb 9 11:48:44 2019 -0500

Re: [Swan-dev] ikev2-x509-02-eku

2019-02-09 Thread D. Hugh Redelmeier
| echo "NSS_HAS_IPSEC_PROFILE = true" >> Makefile.inc.local
This worked. More documentation or more automation might have made this easier. It is mentioned in testing/pluto/ikev2-x509-02-eku/description.txt but not in a way that was clear to me.

[Swan-commit] Changes to ref refs/heads/master

2019-02-09 Thread Andrew Cagney
New commits: commit 3c9bf91a946e8dbef5aefc21e4b9bc1c2f69fa4f Author: Andrew Cagney Date: Fri Feb 8 11:23:12 2019 -0500 proposals: add a new parser that allows multiple algorithms of the same type per proposal, enable for IKEv2 For instance: ike=aes_gcm+aes+ccm

[Swan-commit] Changes to ref refs/heads/master

2019-02-09 Thread Andrew Cagney
New commits: commit 4e9b1f7961101043b50d6346c1688a9d0703cb7e Author: Andrew Cagney Date: Wed Feb 6 16:29:20 2019 -0500 proposals: eliminate proposal and algorithm size limits Update the consumers: for IKEv1, hack things to assume that there is at most one algorithm of each type

Re: [Swan] subnet-to-subnet config

2019-02-09 Thread Nick Howitt
On 08/02/2019 21:20, Alex wrote: Hi, I'm trying to build a subnet-to-subnet VPN with libreswan-3.27 on fedora28 and having some trouble. Should the subnets already exist on the remote networks, or does libreswan create them? When I use the config below, the