[Openswan Users] also
Christian Brechbühler
brechbuehler at gmail.com
Fri Mar 24 09:53:43 CET 2006
Using also works as if all the specs of that connection were pasted. And in
your case you'd result with two rightsubnet specifications, which is no
good. If you look at your log, or --replace the connection with --verbose,
you should see an error complaining about this.
The solution I use is to extract a "common base" which doesn't specify any
rightsubnet -- we might call it "firma_host". Then define connection
firma_host1 just like you define firma_host2, using also firma_host in both.
Good luck
Christian
On 3/24/06, Mitja Sladovic <mitja at rageofdivine.net> wrote:
>
> Hello,
>
> I want to add another connection using "also" - all is the same except
> rightsubnet.
> But connection "firma_host2 isn't recognized. Why?
>
> Thanks! Mitja
>
> conn firma_host2
> * rightsubnet=192.168.1.12/32*
> also=firma_host1
>
> conn firma_host1
> authby=secret
> auth=esp
> type=tunnel
> left=100.11.22.130
> leftnexthop=100.11.22.129
> leftsubnet=10.99.1.0/24
> right=200.11.22.66
> * rightsubnet=10.10.10.33/32*
> ike=aes256-sha
> esp=aes256-sha1
> keyexchange=ike
> ikelifetime=1h
> keylife=1h
> pfs=yes
> auto=start
>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060324/dc3dc970/attachment-0001.htm
More information about the Users
mailing list