On 25.01.22 03:13, VTwin Farriers wrote:
If I try to add 10.128.0.0/16 to the configuration for East <=> Central, I get:
received TS_UNACCEPTABLE notify, no CHILD_SA built
failed to establish CHILD_SA, keeping IKE_SA
when I attempt to bring up the connection.
This seems to be related to the fa
Hi
would setting this "reqid" option for each of the tunnels (with different
left-righ-IDs set) in both initiator and responder peers help?
The below is the setting that is available (in swanctl.conf):
---
If I try to add 10.128.0.0/16 to the configuration for East <=> Central, I get:
received TS_UNACCEPTABLE notify, no CHILD_SA built
failed to establish CHILD_SA, keeping IKE_SA
when I attempt to bring up the connection.
This seems to be related to the fact there is no interface or route on Centra
I have 3 sites, East, Central, and West
Their subnets are 10.0.0.0/16, 10.64.0.0/16 and 10.128.0.0/16 respectively.
Both East and West connect directly to Central and route traffic between
Central and each of the remote sites. e.g. both 10.0 and 10.128 can both talk
to all machines on 10.64 and
Hello Carlos,
Well yes but no:
src 0.0.0.0/0 dst 0.0.0.0/0
dir out priority 39
tmpl src dst
proto esp spi 0xcfef925b reqid 1 mode tunnel
src 0.0.0.0/0 dst 0.0.0.0/0
dir fwd priority 39
tmpl src dst
proto esp reqid 1 mode tunnel
src 0.0.0.0/0 dst 0.0.
Hello List,
I am connecting multiple XFRM interfaces, each being in a different VRF,
between two servers running strongSwan 5.9.4.
As I am running dynamic routing protocols over those XFRM interfaces,
all traffic selectors of the CHILD_SAs have been set to 0.0.0.0/0 & ::/0.
Now, the respond
