Use a pool. Look at the UsableExamples[1] page. You can't pass dns servers from DHCP at all. It has nothing to do with the configuration backend you're using.
Kind regards Noel [1] https://wiki.strongswan.org/projects/strongswan/wiki/UsableExamples On 17.12.2017 08:47, Kamil Jońca wrote: > I am testing migration from starter config to swanctlt config, and have > issue that cannot resolve. > > my config below: > --8<---------------cut here---------------start------------->8--- > secrets { > private { > file= .... > secret= [....] > } > } > connections { > > rw { > local_addrs = 192.168.200.200 > pools = dhcp > local { > auth = pubkey > cacerts= [...] > certs = [...] > id = "C = PL, ST = Mazowieckie, O = kjonca.kjonca, OU = ipsec, CN = > xxxxxx" > } > remote { > auth = pubkey > } > children { > net-alfa-server { > local_ts = 192.168.200.200/24 > ipcomp=yes > > } > } > } > } > authorities { > kaczka{ > crl_uris = file:///etc/swanctl/x509crl/kaczka.pem > cacert = /etc/swanctl/x509ca/ipsec--kaczka--ca.pem > > } > } > --8<---------------cut here---------------end--------------->8--- > > 1.How with this config I can pass dns server to client? > 2. Is it possible to take DNS server from dhcp (and others possible > options too)? > > > KJ >
signature.asc
Description: OpenPGP digital signature
