Hi All, I'm trying to let a Linux/strongSwan combo talk to a CARP cluster of OpenBSD v4 machines. As such I'm bound to IKEv1, but I'm able to establish a tunnel. I see ESP traffic arrive on the OpenBSD side, but not the other way around.
The strongSwan logging shows the "cannot respond to IPsec SA request because no connection is known for [...]" The logging also reveals that strongSwan receives the physical IP address of one of the OpenBSD machines in the CARP cluster instead of the virtual IP address of the cluster. Obviously it cannot find a connection as it is configured to use the virtual IP address (and of which it has a valid certificate). I have tried setting rightsourceip (the OpenBSD side) to %config but that did not help. Would using virtual_private help? Or is it not pos- sible at all to set up a tunnel with a CARP cluster? Thanks, Marty. _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
