Hi,
> How exactly do these kind of kind of multipath routes compare to
> multiple routes with different priorities/metrics? In your case you
> have multiple paths with the same weight, how is the actual
> nexthop/interface chosen by the kernel?
The nexthop of a multipath route is selected random
That worked, thank you very much.
On Tue, Apr 25, 2017 at 7:53 AM, Tobias Brunner
wrote:
> Hi Piyush,
>
> > while the rightID on server would be %any.
>
> If you set `rightcert` this will cause `rightid` to default to the
> subject DN of the certificate, which in turn won't match "client". So
>
Ok, I found out and everything is working flawlessly.
The WD's GPL toolchain for the MyCloud device fooled me.
While the .config had CONFIG_INET_ESP=m, after LOTS of tinkering, I've
found that in the source code it has:
[rfreire@rf ipv4]$ grep esp Makefile
#obj-$(CONFIG_INET_ESP) += esp4.o
YES:
Hello René,
On 25.04.2017 20:04, Rene Maurer wrote:
> Meanwhile I have looked at the time stamps and IMHO they are a little bit
> strange:
>
>>> Apr 25 16:32:28 daemon.info syslog: 05[NET] sending packet: from
>>> 10.64.33.100[4500] to xxx.137.25.195[4500] (1120 bytes)
>>> 16:32:32.802620 IP 10
Hello Noel
Noel Kuntze wrote :
> (I'm answering this from my original email account now.)
And I see your email now in my email account.
>> But when I look at the log on my site together with
>> "tcpdump -i ppp0", I have the impression that ikev2_auth
>> is sent (once).
>
> This looks good.
Hello René,
(I'm answering this from my original email account now.)
On 25.04.2017 19:05, Rene Maurer wrote:
> Routing is as follows:
>
> # ip route show table 220
> 10.4.30.0/24 via xxx.137.25.195 dev ppp0 proto static src 10.4.48.1
>
> # route -n
> Kernel IP routing table
> Destination
Hello Noel
On 25.04.2017 12:50, Noel Kuntze wrote:
Thank you very much for answering!
> "left=%config" doesn't make sense. %config is neither a known keyword nor a
> valid resolvable hostname.
> If your routing table is sane and specifies the source IPs for the routes,
> you don't need to set
Apple Configurator 2
(https://itunes.apple.com/us/app/apple-configurator-2/id1037126344) works well
for building IKEv2 VPN profiles for macOS and iOS. You can even edit the
profile later (they’re just XML plist format) to configure options that aren’t
exposed in the GUI, such as on-demand conne
Hi Piyush,
> while the rightID on server would be %any.
If you set `rightcert` this will cause `rightid` to default to the
subject DN of the certificate, which in turn won't match "client". So
either set `rightid=client` or don't set `leftid` on the client so the
client's own identity defaults t
Hi Dusan,
> default
> nexthop via 90.225.x.x dev vlan845 weight 1
> nexthop via 10.248.x.x dev ppp0 weight 256
> nexthop via 85.24.x.x dev vlan847 weight 1
> nexthop via 46.195.x.x dev ppp1 weight 1
>
> My gateway is configured to use 10.248.0.x as "default
I’m having some trouble with my VPN connections, and I’d like to
get some commercial support.
Anyone feel up to helping me out?
___
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
Hello René,
On 25.04.2017 12:42, Rene Maurer wrote:
> conn home
> keyexchange=ikev2
> ike=aes128-sha256-modp1024!
> esp=aes128-sha256!
> left=%config
"left=%config" doesn't make sense. %config is neither a known keyword nor a
valid resolvable hostname.
If your routing table is san
Hello
I am new to strongSwan and I try to establish a connection between an
embedded Linux box (using Linux strongSwan U5.3.0/K3.14.43) and a MOXA
switch located on remote site.
On the embedded Linux box I have two interfaces:
ppp0 connects to the internet (using GPRS).
eth0 (10.4.48.1) connects
Hello Alex,
On 25.04.2017 10:48, Alex Sharaz wrote:
> ens1f0Link encap:Ethernet HWaddr 00:14:4f:0d:d0:c8
> inet addr:144.32.128.198 Bcast:144.32.129.255 Mask:255.255.254.0
> inet6 addr: 2001:630:61:180::1:c6/64 Scope:Global
> inet6 addr: fe80::214:4fff:fe0d:d0c
Hi,
Seem to have a problem assigning an IP address to a client from our
campus dhcp server
Running strongswan 5.5.2
loaded plugins: charon unbound pkcs11 aes des rc2 sha2 sha1 md5 random
nonce x509 revocation constraints acert pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp
dnskey sshkey dnscert ipseckey p
Hi Paul,
> I'm afraid I'm struggling with the wiki documentation and would like
> to use the roadwarrior app - however it asks for a username whereas I
> want to use the certificate already installed on the machine (which is
> used for Active Directory integration), what can I do here?
Use the cl
16 matches
Mail list logo