>> strongSwan specific feature or it is specified by a RFC? >It is strongSwan specific, other implementations might do this differently. >You'll have to check this with your other implementation, >maybe there are ways to do this manually. >Regards >Martin
Similarly I wish to apply to SCTP packets a cipher suite that supersedes the cipher suite to be applied to all other packets from the same IP@ (i.e. 10.5.0.1). Can this be done by strongSwan with the example below? If yes, is this a standard (RFC) feature or strongSwan specific? Finally, what assumption can be done for priorities of policies installed by to-HOST relative to SCTP from the same example? conn to-HOST also=host-host leftsubnet=10.5.0.1 rightsubnet=10.6.0.2 esp=specific_1 auto=start conn SCTP also=host-host leftsubnet=10.5.0.1 rightsubnet=0.0.0.0/0 rightprotoport=SCTP leftprotoport=SCTP esp=specific_2 auto=start conn to-WORLD also=host-host leftsubnet=10.5.0.1 rightsubnet=0.0.0.0/0 esp=specific_3 auto=start conn host-host left=<IP address of left> right=<IP address of right> Best Regards Mugur _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users