Hello,
I'm no computer freak, so please forgive me my stupid questions.
I have a home network with subnet 192.168.0.1.
On the other hand, there is a roadwarrior with an unknown IP.
Is it possible for the roadwarrior to connect to the home network via
IKEv2 and
(1) be able to address all the
Robert Markula wrote:
If the subjectAltName = DNS:cray.home.ro, this would be cray.home.ro,
right?
Yes
And, one final question: if using the subjectAltName or the Subject DN,
what kind of Remote ID type would that be on the client side?
RCF_822_NAME or FQDN?
I guess it's ID_DER_ASN1_DN or
Hey,
I managed to get my kernel fixed, so ipsec should be able to work.
But when a client connects, I get this:
Dec 22 14:07:05 woodpecker charon: 13[NET] received packet: from
195.184.32.72[500] to 83.89.2.204[500]
Dec 22 14:07:05 woodpecker charon: 13[ENC] parsed IKE_SA_INIT request 0 [ SA
KE
Hello Bjarke,
Bjarke Istrup Pedersen wrote:
Hey,
I managed to get my kernel fixed, so ipsec should be able to work.
But when a client connects, I get this:
Dec 22 14:07:05 woodpecker charon: 13[NET] received packet: from
195.184.32.72[500] to 83.89.2.204[500]
Dec 22 14:07:05
2009/12/22 Andreas Steffen andreas.stef...@strongswan.org
Hello Bjarke,
Bjarke Istrup Pedersen wrote:
Hey,
I managed to get my kernel fixed, so ipsec should be able to work.
But when a client connects, I get this:
Dec 22 14:07:05 woodpecker charon: 13[NET] received packet: from
Hello Marc,
Marc Giger wrote:
Hi Andreas
Finally I've solved the problem. It works again now.
I've found out, that I have to set nat_traversal to no
to let it communicate over port 500. Port 4500 is
blocked on a firewall in front of the ipsec gw.
Is this change in the behavor for IKV1
Hello.
I am trying to connect my work network to amazon's vpc using ipsec in
tunnel mode. My right side is a debian5 32bit linux box running
stock strongswan and left is a blackbox I am not able to control. The
tunnel comes up, i am able to access right network from left but not
the other way
Hi!
here is a dump of the configuration of my two involved hosts. as far
as i can see my certificates are from the same ca and i dont use
strongswan 4.3 which aparently had problems with some DNs or so (I
found that in the mailinglist archive).
later on i want do do a full mash of hosts, how
Hello Andreas,
the problem is that the Fully Qualified Domain Names
left...@krista.sto.spotify.net
right...@nadia.lon.spotify.net
that you are using are not contained as subjectAltNames in
the end entity certificates. Thus either add them to the corresponding
certificates or use the subject