Nice! Thanks Tuomo.
Regards,
Erik
On 2018-05-07 17:27, Tuomo Soini wrote:
On Wed, 14 Mar 2018 10:50:13 +0100
Erik Andersson wrote:
Hi all,
I've set up a simple scenario (following the example described in
https://libreswan.org/wiki/Subnet_to_subnet_VPN_with_PSK).
Please note t
On 2018-05-03 07:36, Tuomo Soini wrote:
On Wed, 2 May 2018 22:54:43 +0300
Tuomo Soini wrote:
On Wed, 2 May 2018 20:08:59 +0200
Erik Andersson wrote:
Hi all,
I'm running libreswan 3.23 (using netkey/xfrm) on fedora 26.
Trying to connect clients via xauth and modecfg where the ad
Hi all,
I'm running libreswan 3.23 (using netkey/xfrm) on fedora 26.
Trying to connect clients via xauth and modecfg where the address pool
for clients is a subset of the network "behind the ipsec gateway".
Using the following configuration:
conn remote
auto=start
authby=secret
r
Great! Thanks.
/Erik
On 2018-04-26 05:10, Paul Wouters wrote:
On Tue, 24 Apr 2018, Erik Andersson wrote:
(have also tried rightsubnets={192.168.110.0/24 50.50.50.0/24})
Yields the following error in the pluto.log file:
Apr 23 12:42:48.546899: address family inconsistency in this/that
On 2018-04-24 00:29, Paul Wouters wrote:
On Mon, 23 Apr 2018, Erik Andersson wrote:
conn remote
...
...
right=10.48.28.81
rightid=10.48.28.81
rightsubnets=192.168.110.0/24,50.50.50.0/24
left=%any
...
...
(have also tried rightsubnets
Hi!
I'm running libreswan 3.23 and trying to connect road warriors via XAUTH
and modecfg.
It works fine when the clients are able to connect to a single subnet:
conn remote
...
...
right=10.48.28.81
rightid=10.48.28.81
rightsubnet=192.168.110.0/24
On 2018-03-14 15:18, Paul Wouters wrote:
On Wed, 14 Mar 2018, Erik Andersson wrote:
I've set up a simple scenario (following the example described in
https://libreswan.org/wiki/Subnet_to_subnet_VPN_with_PSK).
The tunnels are established successfully.
ping: sendto: Network is unreac
Hi all,
I've set up a simple scenario (following the example described in
https://libreswan.org/wiki/Subnet_to_subnet_VPN_with_PSK).
The tunnels are established successfully.
But when I issue this command on the "west" gateway:
$ ping -n -c 4 -I 192.0.1.254 192.0.2.254
I get the following e
On 03/07/2018 10:26 AM, Paul Wouters wrote:
On Mon, 5 Mar 2018, Tuomo Soini wrote:
I'm running Fedora 26 with libreswan 3.23 and trying to setup a
host-to-host tunnel using the VTI functionality.
Is this setup/configuration even possible? Maybe I'm missing some
fundamentals here :)
Host-
On 03/05/2018 10:06 PM, Tuomo Soini wrote:
On Mon, 5 Mar 2018 18:34:17 +0100
Erik Andersson wrote:
Hi,
I'm running Fedora 26 with libreswan 3.23 and trying to setup a
host-to-host tunnel using the VTI functionality.
Is this setup/configuration even possible? Maybe I'm mi
Hi,
I'm running Fedora 26 with libreswan 3.23 and trying to setup a
host-to-host tunnel using the VTI functionality.
Host A 10.48.28.81
ipsec.conf
config setup
logfile=/var/log/pluto.log
conn myvpn
left=10.48.28.81
right=10.48.28.82
authby=secret
auto
On 23/02/16 23:03, Paul Wouters wrote:
On Mon, 22 Feb 2016, Erik Andersson wrote:
Subject: [Swan] klips_error:ipsec_xmit_encap_init
right=10.48.28.60
left=10.48.28.70
rightsubnet=2001:470:dc8c:5000::/64
leftsubnet=2001:470:dc8c:4000::/64
Hi all,
I'm running libreswan 3.15 on centos 7. I'm trying to setup a
IPv6-in-IPv4 tunnel according to the following configuration:
version 2.0
config setup
protostack=klips
interfaces="ipsec0=eth0"
conn mytunnel
authby=secret
right=10.48.28.60
left=10.
Hi Wolfgang,
Thanks for the help!
The kernel patch solved my host-2-host ipv6 tunnel issues.
Cheers,
/Erik
On 10/12/2015 05:10 PM, Wolfgang Nothdurft wrote:
Hi Erik,
it seems that you hit the same problem that I had.
This is a kernel bug, described here:
https://bugs.libreswan.org/show_bu
Hi Paul,
Thanks for the quick reply.
On 10/09/2015 08:31 PM, Paul Wouters wrote:
On Fri, 9 Oct 2015, Erik Andersson wrote:
conn mytunnel
left=2001:470:dc8c:1000::28:60
right=2001:470:dc8c:1000::28:70
connaddrfamily=ipv6
authby=secret
auto=add
When I try to bring up the
Hi,
Running libreswan 3.15 on Centos 7. I'm trying to setup a host-host
tunnel between two IPv6 endpoints on the same subnet. Using the
following configuration:
config setup
protostack=klips
interfaces="ipsec0=eth0"
conn mytunnel
left=2001:470:dc8c:1000::28:60
right=2001:470:
16 matches
Mail list logo