Actions
Bug #9307
closedVirtual Address Pool in Pre-Shared Keys is not used
Status:
Not a Bug
Priority:
Normal
Assignee:
-
Category:
IPsec
Target version:
-
Start date:
02/06/2019
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.4_2
Affected Architecture:
Description
For most of my road warriors, I want to have different firewall rules than for e.g. me.
Therefore, I assigned a default Virtual Address Pool of 192.168.6.0/24 and for my account, I used 192.168.7.0/24
This is also added to ipsec.conf correctly. However, my (Windows 10) client still gets a 192.168.6.x IP.
Content of /var/etc/ipsec/ipsec.conf:
# This file is automatically generated. Do not edit config setup uniqueids = yes conn bypasslan leftsubnet = 10.8.0.0/16 rightsubnet = 10.8.0.0/16 authby = never type = passthrough auto = route conn con-mobile fragmentation = yes keyexchange = ikev2 reauth = yes forceencaps = no mobike = yes rekey = yes installpolicy = yes type = tunnel dpdaction = clear dpddelay = 10s dpdtimeout = 60s auto = add left = 145.REMOVED... right = %any leftid = fqdn:test.REMOVED ikelifetime = 28800s lifetime = 3600s rightsourceip = 192.168.6.0/24 rightdns = 10.8.1.11 ike = aes256-sha384-ecp384! esp = aes256-sha256-ecp384,aes256-sha384-ecp384! eap_identity=%any leftauth=pubkey rightauth=eap-mschapv2 leftcert=/var/etc/ipsec/ipsec.d/certs/cert-1.crt leftsendcert=always leftsubnet = 10.8.0.0/16 conn mobile-1 also = con-mobile eap_identity = email:REMOVED rightsourceip = 192.168.7.0/24 rightid = email:REMOVED
What am I doing wrong or is there a bug? Thanks...
(See also Feature #8292)
Actions