How to correctly specify the internal subnet when connecting to an IPSec tunnel using strongswan?

A

Alexander2019-11-08 12:35:12

VPN

Alexander, 2019-11-08 12:35:12

There is a server that has an interface 1.2.3.4/32with an external IP (IP came up with a random one for an example). This server must be connected to the IPSec tunnel to the server 5.6.7.8/32. I want to do it through strongswan. In the strongswan config, you need to specify the internal subnet in the leftsubnet (rightsubnet) parameter. Question: is it possible to specify as an internal subnet 1.2.3.4/32, i.e. the same external subnet, the same IP through which one server will connect to another? Will it be correct and will it work?
Or do you need to create a virtual interface, prescribe some type of subnet for it, 10.10.15.0/24and only then prescribe this subnet in (right-)leftsubnet?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

C

CityCat4, 2019-11-08
@zkelo

Actually, there is a roadwarrior mode for connecting one computer, and there are enough examples in the docks on the shwan website how to set it up in this case. Think wrong - this case is for a network-to-network tunnel.