[Openswan Users] Nesting configs
Michael Smith
msmith at cbnco.com
Thu Jul 15 09:05:16 EDT 2010
Larry Brown wrote:
> ipsec.conf:
> ---------------------------------------------
> version 2.0
>
> config setup
>
> nat_traversal=yes
> oe=off
> vitual_private=%v4:192.168.0.0/24,%v4:!172.16.0.0/24
> protostack=netkey
>
> include /etc/ipsec.d/include/ipsec.*.conf
That's OK.
> -----------------------------------------------
> conn r101
>
> include leftSide
You can't include from inside a connection block. What you might want to
do is create a file, zz99leftside.conf, with "conn leftside" containing
the items you need. Then refer to it with "also=leftside" in your other
connections.
The file has to be included after all the other files so they can
reference it with "also" - since "*" matches in alphabetical order, the
zz99 takes care of that.
Mike
More information about the Users
mailing list