Re: [strongSwan] understanding %fromcert

2013-07-15 Thread Andreas Steffen
> > leftid=%san,%dn ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640

Re: [strongSwan] understanding %fromcert

2013-07-15 Thread Andreas Steffen
rify this? In particular, if there is both a DN and one or more subjectAltName values, how does it choose which one to send? Will it try them all? Regards, Daniel ========== Andreas Steffen andreas.stef...@strong

Re: [strongSwan] Error handling issuingDistributionPoint (IDP) field in X.509 CRLs

2013-07-12 Thread Andreas Steffen
> > Is there any way to avoid this problem? This is using StrongSwan 4.6.4. > > > > Thanks in advance, > > > > Brian Pruss > > Motorola Solutions, Inc. > > > > > > > > _______ >

Re: [strongSwan] Force UDP Encapsulation in 5.0.4?

2013-07-08 Thread Andreas Steffen
supported for IKEv2 prior to 5.0.0. Dan On Sun, Jul 7, 2013 at 9:34 PM, Andreas Steffen wrote: Hi Dan, where did you read that? I don't see any "prior" in the current ipsec.conf man page. Regards Andreas On 07/08/2013 06:27 AM, Dan Cook wrote: Funny. I just found that ou

Re: [strongSwan] Force UDP Encapsulation in 5.0.4?

2013-07-07 Thread Andreas Steffen
>> network. >>> >>> If this is not possible, can you please advise where in the code I >>> should look to "force" this connection to UDP encapsulation. >>> >>> Thanks, >>> Dan Cook >> >> ===

Re: [strongSwan] Force UDP Encapsulation in 5.0.4?

2013-07-07 Thread Andreas Steffen
ation. > > Thanks, > Dan Cook ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Ra

Re: [strongSwan] Strongswan freeze

2013-07-04 Thread Andreas Steffen
> cef09c72 and reqid {1133} > Jul 3 19:25:31 16[KNL] creating rekey job for ESP CHILD_SA with SPI > cc84aaa8 and reqid {1156} > > > > > > > > Joshua J. Gross

Re: [strongSwan] Invalid NAT example links in the Wiki?

2013-06-19 Thread Andreas Steffen
links will bring me to main page > (<http://www.strongswan.org/>). ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications Un

Re: [strongSwan] Setup client using main mode/draft-ietf-ipsec-nat-t-ike-02

2013-06-17 Thread Andreas Steffen
l/testresults/ikev1/xauth-rsa/index.html ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applie

Re: [strongSwan] CRL check and certificates extensions

2013-06-10 Thread Andreas Steffen
ey Identifier: > keyid:1E:1E:EC:92:8B:D6:4D:0B:05:9E:40:DF:53:88:FC:8C:22:B3:13:8A > > X509v3 CRL Number: > 1 > > With external PKI, we found "netscapeCertType" and "Digital Signature" > extensions in the CA and the end point certificates and

Re: [strongSwan] loading private key file is failing with charon, when trying to establish IPsec tunnel with certifiactes.

2013-06-03 Thread Andreas Steffen
o for converting pkcs8 private key to > pkcs1 . > ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Open Source VPN Solution! www.strongswan.org Institute for Internet Technologies and Application

Re: [strongSwan] loading private key file is failing with charon, when trying to establish IPsec tunnel with certifiactes.

2013-06-03 Thread Andreas Steffen
led > charon: 00[LIB] plugin 'stroke': loaded successfully > charon: 00[LIB] plugin 'kernel-netlink': loaded successfully > > > -Bhargav > > > On Sat, Jun 1, 2013 at 3:17 AM, Andreas Steffen > mailto:andreas.stef...@strongswan.org>> >

Re: [strongSwan] loading private key file is failing with charon, when trying to establish IPsec tunnel with certifiactes.

2013-05-31 Thread Andreas Steffen
> -END PRIVATE KEY- > > --Bhargav > > > > ___________ > Users mailing list > Users@lists.strongswan.org > https://lists.strongswan.org/mailman/listinfo/users > -- == Andreas Steffen

Re: [strongSwan] Android client fails to connect with "allocating SPI failed: Invalid argument (22)"

2013-05-30 Thread Andreas Steffen
y[4500] > May 30 09:44:48 linode charon: 01[ENC] parsed INFORMATIONAL request 2 [ > D ] > May 30 09:44:48 linode charon: 01[IKE] received DELETE for IKE_SA > vpnuser[2] > May 30 09:44:48 linode charon: 01[IKE] deleting IKE_SA vpnuser[2] > between y.y.y.y[C=CH, O=linode, CN=linode].

Re: [strongSwan] Issues with loading imv-os and imv-attestation modules with Freeradius

2013-05-24 Thread Andreas Steffen
--enable-imv-attestation \ > --enable-imv-os \ > --enable-imc-os > > I am not sure what I am missing or where is the error, so any help > would be appreciated. When using attestation IMV and OS IMV with > charon daemon, things work fine. > > Th

Re: [strongSwan] No matching peer config w/ Secret and NAT-T

2013-05-07 Thread Andreas Steffen
7 20:45:39 centos-6 charon: 15[CFG] no matching peer config found > May 7 20:45:39 centos-6 charon: 15[ENC] generating IKE_AUTH response 1 > [ N(AUTH_FAILED) ] > May 7 20:45:39 centos-6 charon: 15[NET] sending packet: from > YYY.YYY.YYY.YYY[4500] to XXX.XXX.XXX.XXX[4500] > > > > >

Re: [strongSwan] DES in Strongswan

2013-05-07 Thread Andreas Steffen
00 encryption: DES_CBC 3DES_CBC CAST_CBC BLOWFISH_CBC NULL AES_CBC ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications Unive

Re: [strongSwan] ECDSA Vulnerability Proof of Concept?

2013-05-06 Thread Andreas Steffen
n with the openssl plugin (./confiure --enable openssl) or can i force its use for the verification for example with the strongswan.conf file? Thanks Kelly ====== Andreas Steffen andreas.stef...@strongswan.org

Re: [strongSwan] Strongswan with freeradius on Debian server

2013-04-30 Thread Andreas Steffen
a ldap user's, the password is not sent... and > radius server says "Login incorrect". > > Is there a way to make it work with an ldap authentication ? Ldap > plugins is loaded on my strongswan server. =====

Re: [strongSwan] Using existing CA for strongSwan; Way to specify which client certs are valid for VPN?

2013-04-29 Thread Andreas Steffen
that without creating an own CA just for > strongSwan? For example can I tell strongSwan to only allow clients > which client certificates are also stored in /etc/ipsec.d/certs? > ========== Andreas Steffen andreas

Re: [strongSwan] CISCO UDP encapsulation

2013-04-26 Thread Andreas Steffen
Why should we? Andreas On 04/26/2013 11:16 PM, Noel Kuntze wrote: > Hello, > > Is it planned to add support for CISCO's proprietary UDP encapsulation? > > Regards, > Noel =======

Re: [strongSwan] IKEv1 and AESNI support?

2013-04-26 Thread Andreas Steffen
se AESNI if hardware support? > > Thanks. > > -- > Kris ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for

Re: [strongSwan] Strongswan with freeradius on Debian server

2013-04-25 Thread Andreas Steffen
S session fails. > Thu Apr 25 12:11:27 2013 : Auth: Login incorrect (TLS Alert > read:fatal:certificate unknown): [login] (from client serv-tests port 9 > cli 192.168.110.65[4500]) > == Andreas Steffen andreas.stef...@strongswan.org stron

Re: [strongSwan] Strongswan with freeradius on Debian server

2013-04-25 Thread Andreas Steffen
rightrsasigkey=%cert > auto=add > > Could anyone tell me where the password must be set ? Or is there a way > to force my server asking for user's credentials each time ? > > Thanks for you help. > -- == Andreas Stef

Re: [strongSwan] Android config file location

2013-04-22 Thread Andreas Steffen
ch the app limits > me to. > > Thanks, John ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet T

Re: [strongSwan] libipsec vs kernel implementation

2013-04-22 Thread Andreas Steffen
fit to it or something? > > Regards, > Noel ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technolo

Re: [strongSwan] Help (dh Algorithms) ecp_192, ecp_224, ecp_256, ecp_384 and ecp_521

2013-04-19 Thread Andreas Steffen
on dh algorithms using strongswan but i didn't find these > algorithms : ecp_192,ecp_224,ecp_256,ecp_384 and ecp_521 > > please, i want to know if the strongswan supports it or no, if yes how > can i use it? > ========

Re: [strongSwan] no virtual IP found for %any requested

2013-04-14 Thread Andreas Steffen
ttp://ipsec.org> > leftsubnet=192.168.7.0/24 <http://192.168.7.0/24> > leftfirewall=yes > right=%any > auto=add > > > > ----

Re: [strongSwan] keep tunnel alive

2013-04-08 Thread Andreas Steffen
> > On Sat, Apr 6, 2013 at 4:17 PM, Andreas Steffen > mailto:andreas.stef...@strongswan.org>> > wrote: > > It seems as if you didn't have a CHILD_SA in the first place. > Didn't the IKE negotiation complete successfully or did the > peer delete t

Re: [strongSwan] Weird NAT IP as username.

2013-04-06 Thread Andreas Steffen
On 04/06/2013 05:07 PM, Kris wrote: > Hi, Andreas > > Thanks for your explanation. Because there're some logs with username > '192.168.3.254' in my Radius accounting DB, so I worry about it should > be the correct username, or not, user's traffic accounting may be not

Re: [strongSwan] Weird NAT IP as username.

2013-04-06 Thread Andreas Steffen
tsourceip=%ippool > ikelifetime=48h > lifetime=48h > rekeymargin=9m > rekey=no > reauth=no > dpddelay=30 > dpdtimeout=150 > dpdaction=clear > > -- > Kris ===

Re: [strongSwan] keep tunnel alive

2013-04-06 Thread Andreas Steffen
04:13 PM, Arun G Nair wrote: >> Hi, >> >>What can I do on strongswan to keep a tunnel alive even if >> there's no traffic flowing ? I've dpdaction set to restart. What >> else can be done ? >> >> Regards, ===

Re: [strongSwan] CRL caching

2013-04-06 Thread Andreas Steffen
how strongswan determines CRL is stale or not. If a CA > revokes a certificate immediately after successful CRL fetch, how long > does it take for Strongswan to make the Certificate stale . How can such > problems be avoided? > > Thanks! > > Jordan. > > > On

[strongSwan] ANNOUNCE: strongswan-5.0.3 released

2013-04-06 Thread Andreas Steffen
regards Tobias Brunner, Andreas Steffen, Martin Willi & Reto Bürki, Reto Guadagnini, Adrian Rüegsegger The extended strongSwan Team ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the L

Re: [strongSwan] How can I allow only specific IP use PSK auth?

2013-04-06 Thread Andreas Steffen
:46:59 vpn charon: 08[IKE] no peer config found > Apr 6 16:46:59 vpn charon: 08[ENC] generating INFORMATIONAL_V1 request > 2169293305 [ N(AUTH_FAILED) ] > Apr 6 16:46:59 vpn charon: 08[NET] sending packet: from > 192.168.100.200[500] to 2.2.2.2[47894] (56 bytes) > > I tried change ipsec.secret

Re: [strongSwan] CRL caching

2013-04-04 Thread Andreas Steffen
d to determine caching time*/?/*/* > */ > /* > */ > So for how long is the CRL cache valid with SS 5.0.X? How often does SS > fetch CRLs. > > With **/*/strictcrlpolicy = yes./*/ > / What happens if CRL URI is not reachable. > > / > I appreciate your help! >

Re: [strongSwan] Strongswan needs periodic restart to re-enable traffic between sites

2013-04-04 Thread Andreas Steffen
= start ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (S

[strongSwan] ANNOUNCE: strongswan-5.0.3rc1 released

2013-03-26 Thread Andreas Steffen
ikedscp Configuration Option The "ikedscp" ipsec.conf option can set DiffServ code points as defined by RFC 2474 on outgoing IKE packets. ikedscp = 00 | Please test our release candidate and report any problems. ETA for the sta

Re: [strongSwan] Configure RoadWarrior

2013-03-26 Thread Andreas Steffen
4:06:51 debian charon: 12[CFG] looking for RSA signature peer > configs matching 172.16.151.100...172.16.151.141[di...@ipsec.org > <mailto:di...@ipsec.org>] > Mar 26 14:06:51 debian charon: 12[CFG] selected peer config "rw" > Mar 26 14:06:51 debian charon: 12[

Re: [strongSwan] Authentication of a CERT payload with only the subject certificate

2013-03-26 Thread Andreas Steffen
> sub-CAy/SEG”) > > Does authentication work? > > Best Regards > Mugur > ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.stro

Re: [strongSwan] Dual Stack problems

2013-03-26 Thread Andreas Steffen
;s ipsec.conf : > > rightsourceip=%tech-v6,%tech-v4 > > The result was that strongswan distributed 2 addresses from the > tech-v6 pool. Is there an error in my configuration ? > > kind regards, Claude > > > > ________

Re: [strongSwan] use of libgmp

2013-03-19 Thread Andreas Steffen
? thanks, Chad ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rappersw

Re: [strongSwan] Unable to use Certificate Path Chain (SUBCAs)

2013-03-09 Thread Andreas Steffen
9 17:28:43 charon: 09[CFG] using certificate "CN=user5..." > *Mar 9 17:28:43 charon: 09[CFG] no issuer certificate found for > "CN=user5" > Mar 9 17:28:43 charon: 09[IKE] no trusted RSA public key found for 'user5'* > > Mar 9 17:28:43 char

Re: [strongSwan] [strongSwan-dev] strongswan performance

2013-03-06 Thread Andreas Steffen
ards Martin [1]http://www.strongswan.org/docs/Steffen_Klassert_Parallelizing_IPsec.pdf ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org In

Re: [strongSwan] strongswan+freeradius+debian consultation

2013-03-02 Thread Andreas Steffen
eady is running and y compile it the program > again? > is it going to overwrite my actual configuration? > > in positive case ¿ is there another way to add the eap-radius plugin? > > thanks in advance. == Andreas

Re: [strongSwan] bridging across two sites?

2013-02-25 Thread Andreas Steffen
at the VM > hosts have no idea which location they are in? > > Regards, > > Daniel ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!

Re: [strongSwan] Error "no IKE config found" when trying to connect a roadwarrior

2013-02-23 Thread Andreas Steffen
nd destroy of IKE_SA successful I get the same error when I try to connect with an iPhone or the GreenBow VPN client, so I guess there must be something wrong on the server side. How can I fix this? What else can I test? Lars =========

Re: [strongSwan] Tuning number of threads etc.

2013-02-09 Thread Andreas Steffen
cipher. I experimentally set it to the > NULL cipher "null-sha1!". is there any logging I can enable to see > what cipher's a client device supports? > > Any other obvious areas I should look at? > > Thanks. ==

Re: [strongSwan] crlcheckinterval in charon

2013-02-08 Thread Andreas Steffen
> > Alternatively, is there any command-line mechanism to tell charon to > re-read the crluri? If that exists then I could just have a cron > which periodically tells charon to re-check it. > > Thanks. == Andrea

Re: [strongSwan] Testing the easiest config to send ISAKMP datagrams

2013-02-05 Thread Andreas Steffen
192.168.0.22# tcpdump -i eth0 port 500 or port 4500 > (nothing...) > > Even after logging plutodebug=all I see no errors in /var/log/auth.log. > What do I need to change to make pluto(8) send IKE UDP datagrams? > > Thanks, > Michael == Andreas St

Re: [strongSwan] strongSwan 5.0.1 AH ?

2013-02-04 Thread Andreas Steffen
an. > > Thanks! > > Jordan. ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications Uni

Re: [strongSwan] PF_KEY with IPv4+IPv6 in charon

2013-01-28 Thread Andreas Steffen
PF_KEY messages in IPv4+IPv6 environment? It doesnot work on my setup, although IPv4 or IPv6 works just fine. Thanks, Jay == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution

[strongSwan] ANNOUNCE: strongswan-5.0.2rc1 released

2013-01-20 Thread Andreas Steffen
untered so that we can fix them before the final release. Best regards Andreas == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applic

Re: [strongSwan] NAT-T UDP-encap ESP received, but no decrypted packets out

2013-01-14 Thread Andreas Steffen
p: ESP(spi=0xc70472da,seq=0x65f), length 132 ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and App

Re: [strongSwan] Timeout Errors using Network Manager on Ubuntu 12.10

2013-01-07 Thread Andreas Steffen
re, and loaded... Any help really appreciated! Thanks, -- *Braga, Bruno* www.brunobraga.net <http://www.brunobraga.net> bruno.br...@gmail.com <mailto:bruno.br...@gmail.com> == Andreas Steffen andreas.stef...@strongswan.o

Re: [strongSwan] Strongswan OpenVPN client

2013-01-07 Thread Andreas Steffen
/charon (17492): 03[IKE] received INTERNAL_ADDRESS_FAILURE notify, no CHILD_SA built I/charon (17492): 03[IKE] closing IKE_SA due CHILD_SA setup failure I/charon (17492): 03[IKE] received AUTH_LIFETIME of 2881s, scheduling reauthentication in 2281s I/charon (17492): 03[IKE] peer supports MOB

Re: [strongSwan] Compilation failure for android frond end

2013-01-02 Thread Andreas Steffen
solve this? Thanks Andy On Thu, Jan 3, 2013 at 9:30 AM, Andreas Steffen mailto:andreas.stef...@strongswan.org>> wrote: Hello Andy, our instructions recommend to get the openssl code and header files from our repository: The openssl Directory This directory c

Re: [strongSwan] Compilation failure for android frond end

2013-01-02 Thread Andreas Steffen
bstrongswan/plugins/openssl/openssl_pkcs7.c:24:25: fatal error: openssl/cms.h: No such file or directory. Any idea? Thanks Andy ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux V

Re: [strongSwan] Help with Strongswan configuration (Virtual-IP, Subnet, DNS, ...) needed

2012-12-23 Thread Andreas Steffen
the logs if necessary. > > Do you have an idea if there is some wrong configuration on my side? ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!w

Re: [strongSwan] Help with Strongswan configuration (Virtual-IP, Subnet, DNS, ...) needed

2012-12-22 Thread Andreas Steffen
he companys intranet using my HTC smartphone with its pre installed VPN client. So, i think there is no special protocol behaviour of the NCP VPN gateway. I will apprecitate any help. Thanks and regards Markus -- == Andrea

Re: [strongSwan] Not working DPD on strongSwan 4.5.2

2012-12-19 Thread Andreas Steffen
"L2TP"[2] 213.226.63.142:33677 <http://213.226.63.142:33677> STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_EXPIRE in 3972s; newest ISAKMP When I look on tcpdump on udp ports 500/4500, I see no packets(DPD) from IPSec gateway, to remote device (A

Re: [strongSwan] Multiple hostnames same server cert

2012-12-18 Thread Andreas Steffen
y you could try to add multiple CN RDNs --dn "C=CH, O=strongSwan, CN=vpn.foo.com, CN=vpn.bar.com" which is totally ok with subject DNs. Regards Andreas On 18.12.2012 21:46, kgardenia42 wrote: On Tue, Dec 18, 2012 at 6:09 PM, Andreas Steffen wrote: Hi, while generating your server

Re: [strongSwan] Android client network roaming

2012-12-18 Thread Andreas Steffen
18.12.2012 19:48, Kris wrote: Looking like the client doesn't play well with network roaming, when switch to 3G from WiFi, the client doesn't establish VPN again, same of roaming around 3G towers. -- Kris ====== Andre

Re: [strongSwan] Multiple hostnames same server cert

2012-12-18 Thread Andreas Steffen
ec.conf). Is there a known gotcha there or have I just missed something? If so I'll start from scratch. Thanks. ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!

Re: [strongSwan] Issue with SHA256_96

2012-12-15 Thread Andreas Steffen
to negotiate on sha256_96 on the same kernels. -- Best Regards Mohit == Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for

Re: [strongSwan] No answer to first packet (IKE Phase 1)

2012-12-15 Thread Andreas Steffen
c-nat-t-ike-00 > > > Beside the differences in "Unknown Vendor ID" and the "L2TP Client" > the strongSwan packet conatains the XAUTH "Flag". > > May this be the problem of the gateway timeouts? > > How could we disable the XAUT at th

Re: [strongSwan] Constraint checked failed error using Android VPN client

2012-12-12 Thread Andreas Steffen
o:E=ad...@metronome-software.com>" > I/charon ( 5507): 16[CFG] reached self-signed root ca with a path > length of 0 > I/charon ( 5507): 16[IKE] authentication of 'C=US, ST=VA, L=RESTON, > O=Metronome Software LLC, OU=Metronome, CN=192.168.24.2, > E=ad...@metronome-soft

Re: [strongSwan] Help

2012-12-07 Thread Andreas Steffen
1.0.1c and strongswan 4.6.3. I compiled them with the default configure, which may lead to the issue. If someone can answer the question, I appreciate you very much. Thanks in advance! BR, Simon ====== Andre

Re: [strongSwan] Routing Polices with IPTABLES not working

2012-12-07 Thread Andreas Steffen
; Tel.(289) 261-5801|Fax (905) 629-7836 > Email amilano...@rim.com <mailto:amilano...@rim.com>** > > > > > > > > Description: www.rim.com <http://www.rim.com/>Description: > cid:image001.png@01CB37B8.EC492D80 ==

Re: [strongSwan] Clients with identical networks?

2012-12-03 Thread Andreas Steffen
h IPSec tools > look like? > > Regards, > Jakob Curdes ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for

Re: [strongSwan] DPD issue

2012-11-26 Thread Andreas Steffen
ame pluto[3586]: > "peer-54.240.204.92-tunnel-vti" #97136: *DPD: R_U_THERE has invalid SPI > length (0)* > /var/log/messages:Nov 27 10:58:56 hostname pluto[3586]: > "peer-54.240.204.92-tunnel-vti" #97136: sending encrypted notification > *PAYLOA

Re: [strongSwan] Clients disconnect after 240 minutes

2012-11-26 Thread Andreas Steffen
connection drops after approximately 240 > minutes. These users happen to be on Windows 7. > > Does anyone know why this is happening? Who is forcing the disconnect: > the server or the client? > > > Tiago ==========

Re: [strongSwan] CRL response with Strongswan 4

2012-11-26 Thread Andreas Steffen
ons: > X509v3 Authority Key Identifier: > keyid:7A:BC:B4:68:F8:B1:A2:32:44:C9:D0:EB:FD:9E:06:C2:56:01:2B:03 Regards Andreas ====== Andreas Steffen andreas.stef...@strongswan.org strongSwan -

Re: [strongSwan] UTF8 char in UNITY_BANNER

2012-11-26 Thread Andreas Steffen
Bests, > -Igor ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University o

Re: [strongSwan] CRL response with Strongswan 4

2012-11-26 Thread Andreas Steffen
on: 15[CFG] certificate status is not > available > Nov 22 16:23:05 sphynxtestha1 charon: 15[CFG] reached self-signed root > ca with a path length of 0 > Nov 22 16:23:05 sphynxtestha1 charon: 15[IKE] authentication of 'C=fr, > O=gouv, OU=education, OU=ac-dijon, CN=021

Re: [strongSwan] [StrongSwan] RFC compliance of supported cipher suits

2012-11-25 Thread Andreas Steffen
und packet that the packet was discarded. > I'm not aware that NETKEY is sending an ICMP message to the sender if it DISCARDS a packet. > Regds > Regards Andreas ========== Andreas Steffen andreas.s

Re: [strongSwan] [StrongSwan] RFC compliance of supported cipher suits

2012-11-24 Thread Andreas Steffen
) > Yes, supported by libstrongswan > Thanks Best regards Andreas ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institut

Re: [strongSwan] strongswan how to check certreq and how to build certreq field

2012-11-22 Thread Andreas Steffen
rt.der > 5cf9759c64f7fd5cd28b47a3d1ac7f2ef4ee76c1 cert.der > > > The value does not match! I must did something wrong. Could you help > me to figure out? I attached my cacert in this email. Thanks again. > > > > > On Wed, Nov 21, 2012 at 12:09 PM, Andreas

Re: [strongSwan] strongswan how to check certreq and how to build certreq field

2012-11-21 Thread Andreas Steffen
ommand? > Use these commands: openssl x509 -in cert.pem -outform der -out cert.der hash=`sha1sum cert.der | awk '{ print $1 }'` > > Thanks! > Regards Andreas == Andreas Steffen andreas.stef...@strongswa

Re: [strongSwan] VPN on-demand blackholing for unaunthenticated users

2012-11-21 Thread Andreas Steffen
webapp they have to engage with to renew their account > or whatever. Can anyone make any sugggestions on how to accomplish > this with Strongswan? I'm assuming some sort of plugin would have to > be involved. ========

Re: [strongSwan] Regarding Installation issue in strongswan

2012-11-19 Thread Andreas Steffen
> 13[ENC] generating IKE_AUTH response 1 [ IDr AUTH N(NO_PROP) ] > > Your client sends a DH group in the CHILD_SA proposals in IKE_AUTH. This > seems wrong, as a DH exchange is never done in IKE_AUTH. The proposal > would match in a CREATE_CHILD_SA (as you can do a DH exchan

Re: [strongSwan] Strongswan CGA support

2012-11-15 Thread Andreas Steffen
ng it. > > Is it possible to configure Strongswan to use CGA for peer authentication? > > Thanks. > > -- > Julius Kriukas > ========== Andreas Steffen andreas.stef...@strongswan.org strongS

Re: [strongSwan] Why charon is listening on udp 68 ?

2012-11-14 Thread Andreas Steffen
same port as dhclient ! > Please cc me in answer because i'm not subscribed to the list > > Thx ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!

Re: [strongSwan] Using %any as protoport

2012-11-12 Thread Andreas Steffen
config files - and erroneously reports that they are different. > (This is because bool has_port_wildcard might have had some non zero > value), Hence the first connection gets terminated, though there is no > need for this. > > > Could you please check whether this is a bug.

Re: [strongSwan] IPsec with Certificate Authentication

2012-11-05 Thread Andreas Steffen
t identity. > Is it expected to check all IP-Address present in SAN. > or just the first IP-Address is expected to check ? > > Best regards, > Deepak > 91- 9632308791 ========== Andreas Steffen andr

Re: [strongSwan] subject certificate invalid

2012-10-30 Thread Andreas Steffen
rightauth=pubkey > leftauth=pubkey > right=192.168.6.63 > leftcert="p...@fortinet.local-cert.pem" > leftid=@pdef > > > conn forti_notworking > rightid=@dut1fqdn > rightsubnet=0.0.0.0/0 > leftsubnet=

Re: [strongSwan] OpenSwan to StrongSwan migration (with CA): VPN not working

2012-10-21 Thread Andreas Steffen
anjose"[6] 66.127.20.234 #6: deleting > connection "grandrapids" instance with peer 50.192.114.17 {isakmp=#0/ipsec=#5} > Oct 20 14:36:58 cw1 pluto[10473]: "grandrapids" #5: deleting state > (STATE_QUICK_R2) > Oct 20 14:36:58 cw1 pluto[10473]: "sanjose&

Re: [strongSwan] OpenSwan to StrongSwan migration (with CA): VPN not working

2012-10-17 Thread Andreas Steffen
a9:fb:5e:c5:b5:7a:5a:3e:0d:24:1c:81:41:25:8c:1d:06:d3:e0:4e > > Does that mean the client key is correctly signed and valid? If so why > isn't the tunnel working? > > Again, the Netgear and certs worked last week. But a T1 outage, random > other confounding fa

Re: [strongSwan] How to specify AES128-XCBC as the PRF in strongswan-5.0.1?

2012-10-15 Thread Andreas Steffen
ike=aes128-aesxcbc-modp2048! > esp=aes128-aesxcbc-modp2048! > > So how can I make strongswan use AES128-XCBC as the designated PRF? Thank you! > > Robert ====== Andreas Steffen

Re: [strongSwan] Abrupt disappearance of SADs.

2012-10-07 Thread Andreas Steffen
ftcert=/etc/openvswitch/ovsclient-cert.pem >> right=192.168.0.2 >> rightcert=/etc/ipsec.d/certs/ovs-192.168.0.2.pem >> >> conn remote-192.168.0.3 #This is connection to Earth. >> reqid=2 >> left=192.168.

[strongSwan] ANNOUNCE: strongswan-5.0.1 released

2012-10-04 Thread Andreas Steffen
popularity due to its easy configuration and robust connection behaviour. Thanks to userland IPsec encryption the Android 4.x device does not have to be "rooted". Best regards Tobias Brunner, Martin Willi & Andreas Steffen The s

Re: [strongSwan] CRLs over IPsec tunnels

2012-10-03 Thread Andreas Steffen
he preferable > option would be to switch to OCSP and use in-band OCSP checking, > RFC4806. strongSwan currently doesn't support it, though. > > Regards > Martin == Andreas Steffen

Re: [strongSwan] Android client supported Cipher Suites? trouble getting aes256 to work

2012-09-27 Thread Andreas Steffen
ry the kernel > for its supported algorithms, libipsec would obviously support it too > but kernel-netlink has no interface to do so. But I suppose we could > construct a custom proposal for the Android app with the knowledge of > what libipsec actually supports (which currently is AES

Re: [strongSwan] Android client supported Cipher Suites? trouble getting aes256 to work

2012-09-27 Thread Andreas Steffen
er suites as well and had to settle on the ones I posted > above for both the Windows client and Android to work at the same time. > > Mark- > ========== Andreas Steffen andreas.stef...@strongswan.org st

Re: [strongSwan] IKEv2 counters

2012-09-19 Thread Andreas Steffen
ported? > > Regards, > /Sabo ========== Andreas Steffen andreas.stef...@strongswan.org strongSwan - the Linux VPN Solution!www.strongswan.org Institute for Internet Technologies and Applications University

Re: [strongSwan] [strongSwan-dev] install policy to kernel using netlink_xfrm

2012-09-17 Thread Andreas Steffen
lient alice in the subnetwork behind the gateway http://www.strongswan.org/uml/testresults/ikev2/config-payload/moon.ip.policy XFRM_POLICY_IN would only be used for traffic terminating on the gateway moon itself: Regards Andreas > Thank you, > Hyun > > 2012/9/17 Andreas Steffen <m

Re: [strongSwan] HELP:No even 'filter' table of iptables in UML

2012-09-10 Thread Andreas Steffen
o run any HA test > cases, you can also try to revert the HA kernel patches. > > Regards > Martin > > [1]http://wiki.strongswan.org/projects/strongswan/wiki/HighAvailability#Kernel-Implementation ==

Re: [strongSwan] strongswan VPN client on Android

2012-08-24 Thread Andreas Steffen
> The source code is in our Git repository (src/frontends/android). > > Regards, > Tobias > > [1] http://developer.android.com/reference/android/net/VpnService.html ========== Andreas Steffen

Re: [strongSwan] W7 eap-mschapv2 with defined ip

2012-08-22 Thread Andreas Steffen
ent certificates? > > The thing is I would like to assign different networks to different > users depending on their department. > > Thanks and Regards > > Dirk == Andreas Steffen andreas.stef...@str

Re: [strongSwan] need to find a host-host configuration for strongswan

2012-08-18 Thread Andreas Steffen
machine. if any body can > sugget a simple configuration related to it , that would be really > helpfull. > > iam running strongswan 4.6.1 > > thanks == Andreas Steffen andreas.stef...@
