[strongSwan] swanctl.conf - How to create unique CHILD_SA(s) for different local_ts and remote_ts ?

Fri, 01 Oct 2021 09:10:37 -0700 

Hello Folks,

I am trying to create a unique CHILD_SA for a combination of local_ts and
remote_ts combination - here is my configuration file -

=============================
connections {
    transport {
        remote_addrs = 10.168.0.7
        version = 2
        proposals = default

        local {
            id = "transport"
            auth = psk
        }
        remote {
            id = "transport"
            auth = psk
        }

        children {
            transport-tcp {
                local_ts = 192.168.0.1/32
                remote_ts = 192.168.0.2/32
                mode = transport
                start_action = start
            }
               transport-tcp-2 {
                local_ts = 192.168.0.3/32
                remote_ts = 192.168.0.4/32
                mode = transport
                start_action = start
            }
        }
    }
}
secrets {
    ike-1 {
        secret = "xxxxx"
    }
}
=============================

I can see the CHILD_SA only for  192.168.0.1/32 ====== 192.168.0.2/32 but
not the other CHILD_SA for 192.168.0.3/32 ====== 192.168.0.4/32. What am I
doing wrong ?

Reply via email to