Hi,
I had a doubt regarding the support of IP addresses and ports as
traffic selectors.
For example:-
I have following SPD Entry. All the entries are using same security association:
S.No. Source IP Destination IP Src Port Dst
Port SA Ptr
1 1.1.1.1 2.2.2.2 100
100 1
2 1.1.1.1 2.2.2.2 200
200 1
3 1.1.1.1 3.3.3.3 300
300 1
4 1.1.1.1 3.3.3.3 400
400 1
Please Note: Entries 1&2 and 3&4 have same Src/Dst Ip Pair
So, Is it possible to have a SINGLE Security Association for
protecting traffic of all 4 policies above. If yes then how to specify
the same in ipsec.conf
Also, does it hold true for both IKEv1(pluto) and IKEv2(charon)
Thanks and Regards,
Vivek
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
