On Thu, 15 Feb 2024, Phil Nightowl wrote:
conn headq
left=%defaultroute
leftcert=remotehost1
leftid=%fromcert
right=198.51.100.33
rightid=%fromcert
leftsubnet=0.0.0.0/0
rightsubnet=0.0.0.0/0
What are you trying to do here? Where does 0.0.0.0/0 live? It cannot
live at both
On Fri, 16 Feb 2024 16:12:20 +0100
Brady Johnson via Swan-dev wrote:
> I included the configuration in the original email, and it did not
> include "narrowing", nor "leftmodecfgclient". I'll check if either of
> those are set by default.
My guess is that "dhcp" in NetworkManager configuration
I included the configuration in the original email, and it did not include
"narrowing", nor "leftmodecfgclient". I'll check if either of those are set
by default.
Would it have been better to send this email to "Libreswan users"?
Regards,
*Brady Johnson*
Principal Software Engineer
Telco
On Fri, 16 Feb 2024, Brady Johnson via Swan-dev wrote:
Subject: Re: [Swan-dev] What does "missing v2CP reply" mean?
Would it be more helpful to enable debug logging? Or is there some other test
that could be done
to figure this out?
It seems your peer has not been configured to hand out IP
Would it be more helpful to enable debug logging? Or is there some other
test that could be done to figure this out?
Regards,
*Brady Johnson*
Principal Software Engineer
Telco Verification Ecosystems Engineering
brady.john...@redhat.com
On Fri, Feb 16, 2024 at 1:45 AM Andrew Cagney
wrote:
>
I tried the same subnet case with out offloads and that works very cleanly.
# ip x s s
src 192.167.0.2 dst 192.167.0.3
proto esp spi 0xcdc36e21 reqid 16413 mode transport
replay-window 0 flag esn
aead rfc4106(gcm(aes))