On 01.06.16 22:39 Fabian Dreßler wrote:
> I hope you can help me with my Strongswan Configuration. The goal is to
> have a VPN Server for my Smartphone (Android) and my Computer (Ubuntu)
> in America. (I am from Germany)
Android can use IKEv2 with RSA-certificates. What does Ubuntu/VPNC
support?
Hi Ravi,
could you guide my to an RFC or Internet draft describing this dynamic
update of traffic selectors? Or are you referring to the IKEv2 Mobility
and Multihoming Protocol (RFC 4555 MOBIKE) which strongSwan has enabled
by default:
I added manual entries for policy using "ip xfrm policy" both at receptor
and initiator. Both are host and IP address of 10.13.199.185 and
10.13.199.130.
Initiator:
sudo ip xfrm policy add src 10.13.199.185 dst 10.13.199.130 dir out tmpl
src 10.13.199.185 dst 10.13.199.130 proto esp reqid
That's because you installed the policies by yourself. Don't do that.
On 02.06.2016 17:25, rajeev nohria wrote:
> I added manual entries for policy using "ip xfrm policy" both at receptor
> and initiator. Both are host and IP address of 10.13.199.185 and
> 10.13.199.130.
>
> Initiator:
>
>
Keep it on the mailing lists.
Then don't use a keying daemon. The only things a keying daemon does is install
SAs, SPs and routes.
If you don't want charon to do any of those things, don't use it.
And there's still the VICI API to charon that you can use to dynamically load
and unload any