[英]strongswan: What is the difference between left and leftid?
從這里找到答案:
One defines the local IP address(es), `left`, which does not have to be specified
unless it should be restricted. The other, `leftid`, the local identity used during
authentication, which will default to the local IP address or the subject DN of the
local certificate, if one is configured.
Note that the convention is to use `left...` options for local settings and `right...` for
those of the remote, but they might get swapped if an IP in `right` is found locally.
Please refer to the man page for ipsec.conf (`man ipsec.conf`) or the [wiki page for
the conn section][1] for details.
----
You can't set `left` to an IP address that's not installed on any local interface. As you
can see in the log, the daemon won't be able to send packets from that address.
Likewise, inbound request are dropped because the destination address doesn't match
the config (the `no IKE config found for ...` message). So either don't configure it (same
as setting it to `%any`) or configure a local address from/on which packets can be
sent/received (e.g. `172.30.13.1` in your case).
[1]: https://wiki.strongswan.org/projects/strongswan/wiki/Connsection
iOS NEVPNManager 和 StrongSwan 在 Ubuntu 16.04 之間的 VPN 連接
[英]Vpn connect between iOS NEVPNManager and StrongSwan on Ubuntu 16.04
具有 Strongswan、DNS 服務器、重疊子網的站點到站點 VPN)
[英]Site-to-Site VPN with Strongswan, DNS server, overlapping subnets)
無法在 AWS 中使用 Iptables 和 Strongswan 對 IP 進行 NAT
[英]Unable to NAT IP with Iptables and Strongswan in AWS
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.