[Openswan Users] Multiple left
Trevor Benson
tbenson at a-1networks.com
Fri Jun 11 21:24:28 CEST 2004
> -----Original Message-----
> From: users-bounces at lists.openswan.org [mailto:users-
> bounces at lists.openswan.org] On Behalf Of Ferdinand O. Tempel
> Sent: Friday, June 11, 2004 9:33 AM
> To: users at lists.openswan.org
> Subject: RE: [Openswan Users] Multiple left
>
> On Fri, 2004-06-11 at 17:48, Trevor Benson wrote:
> > > -----Original Message-----
> > > From: Michael Richardson [mailto:mcr at sandelman.ottawa.on.ca]
> > > Sent: Friday, June 11, 2004 8:28 AM
> > > To: Trevor Benson
> > > Cc: users at lists.openswan.org
> > > Subject: Re: [Openswan Users] Multiple left
> > >
> > > -----BEGIN PGP SIGNED MESSAGE-----
> > >
> > >
> > > >>>>> "Trevor" == Trevor Benson <tbenson at a-1networks.com> writes:
> > > Trevor> Can left= have more then one address? That way a
single
> > >
> > > No.
> >
> > Can you then just treat left and right the same, and make both
> 0.0.0.0/0
> > and rely on certificates for authentication, and let the client
decide
> > which IP address they would need to connect to based on Using
internet
> > VPN or wireless VPN?
>
> For roadwarriors the good *swan developers invented the use of the
> "%any" keyword. i.e.:
>
> conn foo
> left=%any
>
> Which allows any IP address to be left.
>
> Unless you don't mean this, and I misunderstood your question
entirely.
>
> --
> Regards,
>
> Ferdinand O. Tempel
>
> Your friendly neighborhood linuxops.net administrator.
Nope that was it, I am familiar with %any, but I have only used it for
the remote side before, wasn't sure if it was allowed for the local end
of connections.
Thanks,
Trevor
More information about the Users
mailing list