0

I have been able to get strongswan ipsec tunnel between 2 linux machines with static ipv6 address. For example, a segment of my ipsec.conf file looks like 

left=2000::1
leftcert=/home/root/ABCDCert.der
leftid="C=XX, O=Test, CN=ABCD.org"
right=2000::3
rightid="C=XX, O=Test, CN=XYZ.org"

Now, i replace the left linux machine with dynamic ipv6 address and right one still is static,but address is different

It is as follows

left=2001:aaaa:bbbb:cccc:b499:4c00:191:19ef
leftcert=/home/root/ABCDCert.der
leftid="C=XX, O=Test, CN=ABCD.org"
right=2001:aaaa:bbbb:cccc::1
rightid="C=XX, O=Test, CN=XYZ.org"

The left machine has a dynamic ipv6 from a RA server. (2001:aaaa:bbbb:cccc:b499:4c00:191:19ef) The right machine has a static ipv6 2001:aaaa:bbbb:cccc::1/64 The tunnel does not come up with this setting. I am able to ping6 between the two machines. I must be doing something wrong.

Thanks

Improve this question
2
  • Could be this issue here: wiki.strongswan.org/issues/803 Commented Apr 21, 2015 at 8:08
  • I noticed that after i delete the dynamic ipv6 from the ipse.conf file, the tunnel is up! Commented Apr 21, 2015 at 14:39

1 Answer 1

Reset to default
0

I noticed that after i delete the dynamic ipv6 from the ipse.conf file, the tunnel is up!

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.