1. Did you test it? 2. I wrote before that you can not pass the assigned DNS server you get via DHCP. That is not possible at all. You can use a pool though to pass it as an attribute. Read the manual for swanctl.conf. The syntax is mentioned there. Just use two pools. One dhcp, one with the attribute.
Kind regards Noel On 18.12.2017 15:53, Kamil Jońca wrote: > Noel Kuntze > <noel.kuntze+strongswan-users-ml-eJe4+7AOuxYyzzc7d281tti2O/[email protected]> > writes: > >> 1. Never did that with swanctl. You have to play around with the pools or >> dig around. Maybe it's as simple as "connections.<conn>.pools = dhcp" or >> "connections.<conn>.pools = %dhcp". Maybe it's not. > Well, this can be done by simply > pools = dhcp > and alone is not a problem, but ... > >> 2. You can't. > So there is no an equivalent of > > "rightdns=192.168.200.200" > > in swanctl, and the only way to send DNS server is to return to old > starter-based approach? > > Am I wrong? > KJ > > >> On 18.12.2017 15:21, Kamil Jońca wrote: >>> Noel Kuntze >>> <noel.kuntze+strongswan-users-ml-eJe4+7AOuxYyzzc7d281tti2O/[email protected]> >>> writes: >>> >>>> Use a pool. Look at the UsableExamples[1] page. >>>> You can't pass dns servers from DHCP at all. It has nothing to do with >>>> the configuration backend you're using. >>> I was not too clear probably. >>> >>> I want to do with swanctl: >>> 1. have client addres taken from dhcp >>> 2. somehow configure dns to pass (how? ) >>> >>> ie. how to translate from old config: >>> >>> >>> conn xxx >>> left=192.168.200.200 >>> leftsubnet=192.168.200.0/24 >>> leftid=xxx >>> leftca=yyy >>> leftcert=.... >>> rightdns=192.168.200.200 >>> right=%any >>> compress=yes >>> rightsourceip=%dhcp >>> >>> >>> >>> KJ >>>
signature.asc
Description: OpenPGP digital signature
