On 2008-11-21, Mikolaj Kucharski <[EMAIL PROTECTED]> wrote:
> On Fri, Nov 21, 2008 at 02:52:53PM +0000, Mikolaj Kucharski wrote:
>> Hi,
>>
>> Is it possible to have two or more subnets, each configured with the
>> same srcid, dstid and peer? Currently I cannot make it work. It works
>> only for the first subnet in the roadwarior config file. Is is possible
>> at all, no matter what IPsec implementation I would like to use?
>
> Thanks Mitja. To resolve my problem config on the router should look
> like:
>
> # router: /etc/ipsec.conf(5)
> ike passive esp tunnel \
> from { \
> 172.16.0.0/16 \
> 192.168.1.0/24 \
> 192.168.2.0/24 \
> 192.168.3.0/24 \
> } to any \
> srcid net4511.example.com
There is no difference between the two router configs, this is
exactly equivalent to the previous one you posted.. you can see
for yourself by examining output from "ipsecctl -nvf <file>"
