Yes you are right 

Sent from my iPhone

> On Feb 14, 2020, at 11:38, John Crisp <jcr...@safeandsoundit.co.uk> wrote:
> 
> I realised I may have been under a misapprehension here....
> 
> Messing about with L2TP & Ipsec again
> 
> 
> 
> So if I follow the documentation and have this as basic:
> 
> virtual-private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
> 
> 
> 
> The ipsec server sits on a 192.168.100.0 network and issues DHCP itself in 
> the range
> 
> 192.168.100.0 - 192.168.100.100
> 
> 
> 
> The L2TPD dial in server gives out a few IP addresses in the range:
> 
> 192.168.100.176/28
> 
> 
> 
> It has this in the ipsec connection setting:
> 
> rightsubnet=vhost:%priv
> 
> 
> 
> I *think* that the virtual-private line should be like this:
> 
> virtual-private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12, 
> %v4:!192.168.100.176/28
> 
> 
> 
> Can someone confirm that this is correct, or am I missing something?
> 
> 
> 
> B. Rgds
> 
> John
> 
> _______________________________________________
> Swan mailing list
> Swan@lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
_______________________________________________
Swan mailing list
Swan@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan

Reply via email to