ightsubnet=192.168.43.5/32 not working
connection fails with ikev2_child_sa_respond returned STF_FAIL+v2N_TS_UNACCEPTABLE
connection fails with ikev2_child_sa_respond returned STF_FAIL+v2N_TS_UNACCEPTABLE
as i'm write before with rightaddresspool=192.168.43.5-192.168.43.5 all fine
23.04.2020, 18:56, "Paul Wouters" <[email protected]>:
On Thu, 23 Apr 2020, None None wrote:
Just create separate "conn" section for each certificate common names
i.e.
conn ikev2-1st-client
...
rightid="CN=client1"
rightaddresspool=192.168.43.5-192.168.43.5
conn ikev2-2nd-client
...
rightid="CN=client2"
rightaddresspool=192.168.43.6-192.168.43.6
And client was bind to ip based on they certificate =)
Yes but I would use rightsubnet=192.168.43.5/32 instead of
rightaddresspool.
Paul
_______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
