On 16 February 2015 at 17:19, Tobias Brunner <[email protected]> wrote: > As Noel pointed out it could mean the responder doesn't like the > proposed algorithms. But the responder could also return this error > because it doesn't like the proposed traffic selectors (i.e. the subnets > in `left|rightsubnet`) or the mode (type=tunnel|transport).
Hi Tobias, thanks for your very informative and helpful reply. You were spot-on with the incomplete traffic selectors. It turned out the server is configured to only accept traffic from the 172.16.48.16/28 subnet. So after setting: leftsubnet = 172.16.48.16/28 I can successfully establish the VPN with the server. So am I right that the only thing left to do is configure my system so that packets to hosts on the 10.180.0.0/24 subnet appear to come from a host on the 172.16.48.16/28 subnet? To accomplish this I already added the additional IP address 172.16.48.16 to my NIC (besides the DHCP configured 192.168.42.162). What's the next step? Do I need to add a route or some iptables rule? Cheers, Bas _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
