Dear list,
After many years, back with StrongS/WAN for our VPN needs. It's good to
see so much progress has been made, absolutely wonderful! Especially the
ikev2 feature, which supports multiple traffic selectors is great.
On that topic, I do have a question. I'm trying to set up a tunnel
between two end points. One behind a NAT device, the other directly to
the internet. There is however, not where the issue is, ikev2 picks up
on NAT-T just fine. I am trying to define multiple subnets to route over
the VPN:
conn tunnel
keyexchange=ikev2
left=%defaultroute
leftsubnet=10.1.0.0/24,10.2.0.0/24
right=*moderated*
rightsubnet=10.20.0/24
authby=secret
auto=start
10.2.0.0/24 however is not a subnet in which the StrongS/WAN box
resides. It resides behind yet another VPN appliance. So the routing
table on the "left" side would include something like:
to 10.2.0.0/24 via 10.1.0.254 metric 1
However, StrongS/WAN refuses to create the traffic selector giving me
the error:
"no local address found in traffic selector 10.2.0.0/24"
Does StrongS/WAN support what I'm trying todo, and if so - what am I
doing wrong?
Thanks in advance for your help,
Best regards,
Joep
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
