Re: [Swan] Possible to setup multiple connections, partly behind NAT?

Paul Wouters via Swan Wed, 21 Feb 2024 10:34:35 -0800

On Wed, 21 Feb 2024, Phil Nightowl wrote:

Server conf:


conn remotesite
    left=%defaultroute
    leftcert=server
    leftsubnet=192.168.1.253/32
    right=%any
    rightaddresspool=192.0.2.0/24
    auto=add
    ikev2=yes
    authby=rsasig
    leftid=%fromcert
    rightid=%fromcert
    leftrsasigkey=%cert
    rightrsasigkey=%cert
    pfs=yes
    aggressive=no
    salifetime=1h
    negotiationshunt=hold
    failureshunt=drop
    rekey=no


add narrowing=yes on the serer as well.

Paul
_______________________________________________
Swan mailing list
Swan@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan

Re: [Swan] Possible to setup multiple connections, partly behind NAT?

Reply via email to