Hi, > I wonder why the UNITY_DEF_DOMAIN and UNITY_SPLITDNS_NAME are not > supported for IKEv2 as well?
The IKEv2 protocol does not define such an attribute, nor am I aware of any extension that does. In IKEv1 these attributes are used by the proprietary (but widely used) Cisco Unity extensions, and we can send them in strongSwan for installation by third party clients. None of our backends (resolve plugin, charon-nm) actually handle such attributes. While you could send your own definition of such an attribute in IKEv2, it is not handled by strongSwan (or a third party client). In short, configuring domain search lists over IKE is currently not supported (and not standardized). All you currently can do is to send these Unity attributes to third party clients supporting this proprietary extension. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
