On Thu, 23 Apr 2020, None None wrote:
Just create separate "conn" section for each certificate common names i.e. conn ikev2-1st-client ... rightid="CN=client1" rightaddresspool=192.168.43.5-192.168.43.5 conn ikev2-2nd-client ... rightid="CN=client2" rightaddresspool=192.168.43.6-192.168.43.6 And client was bind to ip based on they certificate =)
Yes but I would use rightsubnet=192.168.43.5/32 instead of rightaddresspool. Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
