Dear all, I had some problems about virtual IP. I tried to set up a voice phone call through the tunnel to core network via security gateway. I also want to get an virtual IP so I add leftsourceip=%config in ipsec.conf. But If I add leftsourceip=%config in ipsec.conf, the SCTP packets will not go through the tunnel, but ping packets will. ...............If I remove leftsrouceip=%config from ipsec.conf, the SCTP packets will flow through the tunnel. Could you give me some hints what is happened and what should I check? I am using kernel version 2.6.28. Here is my configuration: ipsec.conf config setup plutostart=no conn %default rekeymargin=3m keyingtries=1 keyexchange=ikev2 dpdaction=clear conn rw-eapaka left=192.168.0.102 leftid=001080123456144 leftauth=eap leftsourceip=%config right=192.168.0.103 rightid="C=tw, ST=tw, O=tw, OU=tw, CN=sun" rightauth=pubkey rightsubnet=0.0.0.0/0 auto=add ipse.conf in security gateway: config setup strictcrlpolicy=no plutostart=no conn %default ikelifetime=60m keylife=20m rekeymargin=3m keyingtries=1 keyexchange=ikev2 conn rw-eapaka left=192.168.0.100 leftsubnet=0.0.0.0/0 leftid="C=tw, ST=tw, O=tw, OU=tw, CN=sun" leftcert=sunCert.pem leftauth=pubkey
rightid=001080123456144 rightsourceip=192.168.1.128 rightsendcert=never right=%any rightauth=eap-aka auto=add ___________________________________________________ 您的生活即時通 - 溝通、娛樂、生活、工作一次搞定! http://messenger.yahoo.com.tw/ _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
