On Thu, Jun 25, 2020 at 4:10 PM Tobias Heider wrote:
> I tried to reproduce your bug (on current) but it seems to work as intended
> for me. It would certainly help to have a bit more info such as an iked log
> and a tcpdump of your failed handshake as well as the used openbsd version.
The passi
On Sun, Jun 21, 2020 at 04:33:14PM -0400, Sonic wrote:
> On Sun, Jun 21, 2020 at 12:11 PM Patrick Wildt wrote:
> > If you want to use a specific address for a policy, you can use the
> > "local" keyword to specify it. This is part of the policy, not a global
> > option.
> >
> > Then iked(8) conti
On Sun, Jun 21, 2020 at 5:20 PM Stuart Henderson wrote:
>
> IIRC "local" isn't enough, some packets are still sent on the bound
> 0.0.0.0, the kernel chooses the source address (based on the local
> interface address in the route to the destination) and it can be
> the wrong address for the other
On 2020-06-21, Sonic wrote:
> On Sun, Jun 21, 2020 at 12:11 PM Patrick Wildt wrote:
>> If you want to use a specific address for a policy, you can use the
>> "local" keyword to specify it. This is part of the policy, not a global
>> option.
>>
>> Then iked(8) continues to losten on 0.0.0.0:500,
On Sun, Jun 21, 2020 at 12:11 PM Patrick Wildt wrote:
> If you want to use a specific address for a policy, you can use the
> "local" keyword to specify it. This is part of the policy, not a global
> option.
>
> Then iked(8) continues to losten on 0.0.0.0:500, but the policy will
> only match if
On Fri, Jun 19, 2020 at 11:19:11AM -0400, Sonic wrote:
> With IKEDv1 I was able to use alias addresses for the VPN tunnels with
> a Listen-on directive in isakmpd.conf:
> ==
> [General]
> Listen-on= 1.2.3.7
> ==
>
> So far my attempts with IKEDv2 have b
On 2020-06-19, Sonic wrote:
> With IKEDv1 I was able to use alias addresses for the VPN tunnels with
> a Listen-on directive in isakmpd.conf:
>==
> [General]
> Listen-on= 1.2.3.7
>==
>
> So far my attempts with IKEDv2 have been unsuccessful at using ali
With IKEDv1 I was able to use alias addresses for the VPN tunnels with
a Listen-on directive in isakmpd.conf:
==
[General]
Listen-on= 1.2.3.7
==
So far my attempts with IKEDv2 have been unsuccessful at using alias
addresses. Is it possible?
Thanks!
Ch
8 matches
Mail list logo
