On 27.04.2017 22:38, Dusan Ilic wrote: > I would really appreciate some help with below also, Im having a Hard time > understanding how Strongswan chooses connection definitions and ipsec secrets. Based on IPs, identities and authentication methods. > > For example, how can I setup an ikev2 psk tunnel between two hosts with > dynamic dns? Look at the "site-2-dynamic-ip" example at the UsableExamples page[1] for a configuration that uses certificates for authentication. Read the text at the beginning of the page. > Can I have several ip secrets or connections with %any? No. One secret per identity. > > Ive tried with %dyndns but seem to get some errors about constraints and > such. If someone would give me an explanation that would be great! You need to paste logs to get help.
[1]https://wiki.strongswan.org/projects/strongswan/wiki/UsableExamples#Site-To-Site-Scenario
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
