Skip to main content
Unix & Linux

Return to Question

added tag for `screen`
Link
edit approved Apr 20, 2015 at 20:14
toxefa
edit approved Apr 20, 2015 at 20:14
toxefa
  • 1.1k
  • 1
  • 10
  • 25
Source Link
kishore .
kishore .
  • 485
  • 1
  • 5
  • 10

ipsec.conf file with dynamic ipv6 address

I have been able to get strongswan ipsec tunnel between 2 linux machines with static ipv6 address. For example, a segment of my ipsec.conf file looks like

left=2000::1
leftcert=/home/root/ABCDCert.der
leftid="C=XX, O=Test, CN=ABCD.org"
right=2000::3
rightid="C=XX, O=Test, CN=XYZ.org"

Now, i replace the left linux machine with dynamic ipv6 address and right one still is static,but address is different

It is as follows

left=2001:aaaa:bbbb:cccc:b499:4c00:191:19ef
leftcert=/home/root/ABCDCert.der
leftid="C=XX, O=Test, CN=ABCD.org"
right=2001:aaaa:bbbb:cccc::1
rightid="C=XX, O=Test, CN=XYZ.org"

The left machine has a dynamic ipv6 from a RA server. (2001:aaaa:bbbb:cccc:b499:4c00:191:19ef) The right machine has a static ipv6 2001:aaaa:bbbb:cccc::1/64 The tunnel does not come up with this setting. I am able to ping6 between the two machines. I must be doing something wrong.

Thanks