[Openswan Users] Fwd: Problem with right=%any
shussain at xelerance.com
Mon Feb 26 20:01:48 EST 2018
Rescued from the spam bucket. Please remember to subscribe to the
mailing list before posting to it
-------- Forwarded Message --------
Subject: Problem with right=%any
Date: Tue, 27 Feb 2018 01:00:45 +0000
From: Thomas, Gregory N. <gregory.n.thomas at accenture.com>
To: users at lists.openswan.org <users at lists.openswan.org>
We are trying to setup a dynamic right side configuration, as we want
this local host to use IpSec (transport) for many other hosts in a
We can get a host-to-host working, but when we try to make it dynamic
for the right side, using right=%any, it does not seem to find the entry
for the PSK in ipsec.secrets.
It seems to only work when we specify right=<IP>. What are we missing?
We really need a dynamic right side configuration.
[root at or1dtstipso001 etc]# cat ipsec.secrets
10.249.100.97 %any : PSK "L1nuxGotTa!ent"
10.249.100.97 10.249.100.96 : PSK "L1nuxGotTa!ent"
10.249.100.97 10.249.101.105 : PSK "L1nuxGotTa!ent"
[root at or1dtstipso001 etc]# cat ipsec.conf
# Uncomment when using this configuration file with openswan
This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise confidential information. If you
have received it in error, please notify the sender immediately and
delete the original. Any other use of the e-mail by you is prohibited.
Where allowed by local law, electronic communications with Accenture and
its affiliates, including e-mail and instant messaging (including
content), may be scanned by our systems for the purposes of information
security and assessment of internal compliance with Accenture policy.
More information about the Users