Hello,
I am trying to establish ipsec tunnel using certificate authentication. I
am using strongswan 5.1.1 on both the peers.
I have configured leftid parameter in ipsec.conf to be
leftid =
Here subject Altname is the FQDN.
On both the peers I have configured left id as above.
IKE_AUTH happe
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hello Martin,
Yes, I tried that. However, if I do that,
/etc/resolv.conf only contains the comment in the first line.
Regards,
Noel Kuntze
GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
Am 14.08.2014 um 10:58
Noel,
> upon disconnecting the tunnel (swanctl -t --child tunnel) the content
> of /etc/resolv.conf isn't restored to the content there was before.
With that command, usually only the CHILD_SA gets closed, but not the
IKE_SA. IP address, DNS configuration and other attributes are bound to
the lif