Hi,
I wanted to create an IPsec SA that would encrypt traffic from any
destination ( rightsubnet= any ). However, the following configuration is
not accepted by strongswan:-
conn IpSecSSEPlane
ikelifetime=24h
keyexchange=ikev2
keyingtries=%forever
keylife=90m
reauth=no
rekey=yes
mobike=no
rekeymargin=2m
ike=aes128-sha1-modp1024,3des-sha1-modp1024!
esp=aes128-sha1-modp1024,3des-sha1-modp1024!
authby=rsasig
right=10.10.10.2
left=20.20.20.21
* leftsubnet=15.15.15.5/32*
* rightsubnet=%any
* leftprotoport=%any
rightprotoport=%any
leftcert=/home/vivek/vivek/latestdir1/BTScert.pem
rightid=%any
auto=add
Not specifying the rightsubnet. replaces it with right/32.
Can you let me know how can I specify a connection that would encrypt
traffic from any destination ( right subnet)
Thanks,
Vivek
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
