Hi
Is it possible to send multiple IKEv2 proposals?
The use case being, one with combined mode ciphers and the other without.
Many thanks
smime.p7s
Description: S/MIME cryptographic signature
Hi Harald,
>> Is a search domain actually required in your setup? Because, as I said,
>> there is no standardized IKEv2 attribute for it at all.
>>
>
> Yes, definitively. My colleages are used to openvpn and its NetworkManager
> plugin, supporting several "dhcp-options", including domain search
Hi Benoit,
you can compile strongSwan with both options --enable-tss-trousers
and --enable-tss-tss2 and the libtpmtss library will automatically
detect wheter a TPM 1.2 or TPM 2.0 device is present, prefering
TPM 2.0 over TPM 1.2.
For TPM 1.2 support the libtspi trousers library is required
and
Hi Harald,
> using IKEv2 and NetworkManager I wonder how the DNS domain search
> attribute is supposed to be added to /etc/resolv.conf?
There is no such attribute for IKEv2.
> My attr.conf on the IPsec gateway says
>
> attr {
> dns = 10.0.122.9, 10.0.96.123, 10.0.96.124
> nbns =
Hi folks,
using IKEv2 and NetworkManager I wonder how the DNS domain search
attribute is supposed to be added to /etc/resolv.conf?
My attr.conf on the IPsec gateway says
attr {
dns = 10.0.122.9, 10.0.96.123, 10.0.96.124
nbns = 10.0.98.253
28674 = ipsec.example.com ac.example.com
Hi folks,
using IKEv2 and NetworkManager I wonder how the DNS domain search
attribute is supposed to be added to /etc/resolv.conf?
My attr.conf on the IPsec gateway says
attr {
dns = 10.0.122.9, 10.0.96.123, 10.0.96.124
nbns = 10.0.98.253
28674 = ipsec.example.com ac.example.com
Hi @all,
I would like to move from my very old Shrew Soft iked to Strongswan. Can
somebody give me some help to convert the config ?
Here is my Shrew Soft iced Config:
n:version:4
n:network-ike-port:500
n:network-mtu-size:1380
n:client-addr-auto:1
n:network-natt-port:4500
All,
Looking for some help on the leftsubnet = stanza. Is there a way to put
mulitiple subnets on the same line? I need to give access to 3 subnets on my
side from 1 subnet on theirs. I have tried:
leftsubnet = 10.10.10.0/24 10.10.11.0/24 (and tried putting a comma in between
them but it
Hi all,
I am interested to use the strongswan tnc, specifically the PTS
(IMV/IMC) mode.
I went to this following pages :
https://wiki.strongswan.org/projects/strongswan/wiki/IMA
https://wiki.strongswan.org/projects/strongswan/wiki/TrustedNetworkConnect
Hi @all,
I would like to move from my very old Shrew Soft iked to Strongswan. Can
somebody give me some help to convert the config ?
Here is my Shrew Soft iced Config:
n:version:4
n:network-ike-port:500
n:network-mtu-size:1380
n:client-addr-auto:1
n:network-natt-port:4500
10 matches
Mail list logo
