Hi, > It looks like I can't communicate with the server at all from the z10, > and vice versa. I will try and work this out on my own when I have more > time. Let me know if you have any suggestions to improve my current config.
leftsourceip has no effect on the server. Due to your leftsubnet setting the server will use its address in the 192.168.16.0/24 subnet inside the tunnel. leftid=%any has no effect either, the identity will fall back to the server certificate's DN. I'm also not sure what exactly you want to achieve with your rightsubnet/rightsourceip settings. I recommend you read [1] and [2], and refer to [3] for some IKEv2 config samples. Regards, Tobias [1] http://wiki.strongswan.org/projects/strongswan/wiki/VirtualIp [2] http://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling [3] http://wiki.strongswan.org/projects/strongswan/wiki/IKEv2Examples _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users