Hi,
> I've now tried to do it using RSA keys, but it has a problem with the > "%any" statement: I forgot to add the ipsec auto output that shows it has a problem with %any: > config setup > protostack=netkey > > conn mysubnet > also=wyckofftun > rightsubnet=192.168.11.0/24 > leftsubnet=192.168.1.0/24 > auto=start > > conn wyckofftun > authby=rsasig > auto=start > ikev2=insist > fragmentation=yes > > # dynamic side > rightid=@wyckoff-orion > right=%any > # rsakey AwEAAbhmG > rightrsasigkey=0sAwEAAbhmGOeY6... > > # server side > leftid=@orion-wyckoff > left=%defaultroute > # rsakey AwEAAbrFz > leftrsasigkey=0sAwEAAbrFzHlMRChBGKU... # ipsec auto --up wyckofftun 029 "wyckofftun": cannot initiate connection without knowing peer IP address (kind=CK_TEMPLATE) 036 failed to initiate wyckofftun _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
