Hi Andreas, Thank you for answer. I wondered if strongSwan does not use a 'bind(2)' syscall to force the source IP@ for corresponding sockets. But from your answer this seams to not be the case. Best Regards Mugur
-----Original Message----- From: Andreas Steffen [mailto:[email protected]] Sent: mercredi 23 novembre 2011 19:30 To: ABULIUS, MUGUR (MUGUR) Cc: [email protected]; SCARAZZINI, FABRICE (FABRICE); Pisano, Stephen G (Stephen); WASNIEWSKI, ALAIN (ALAIN) Subject: Re: [strongSwan] Which source IP@ is used to retrieve CRLs? Hello Mugur, I don't quite understand your question. Charon does a HTTP-based CRL fetch using either the curl or soup plugin. The source IP of the HTTP request belongs to charon's network interface via which the daemon is able to reach the HTTP server. Regards Andreas On 11/23/2011 05:53 PM, ABULIUS, MUGUR (MUGUR) wrote: > Hi, > Assuming the ipsec.conf defines several connections with different > "left=" and "right=" values, which source IP@ is used by strongSwan to > retrieve CRLs from a CDP? In our case URI is a HTTP URI. Charon is used. > Best Regards > Mugur ====================================================================== Andreas Steffen [email protected] strongSwan - the Linux VPN Solution! www.strongswan.org Institute for Internet Technologies and Applications University of Applied Sciences Rapperswil CH-8640 Rapperswil (Switzerland) ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
