![](/img/trans.png)
[英]Vpn connect between iOS NEVPNManager and StrongSwan on Ubuntu 16.04
[英]strongswan: What is the difference between left and leftid?
從這里找到答案:
One defines the local IP address(es), `left`, which does not have to be specified
unless it should be restricted. The other, `leftid`, the local identity used during
authentication, which will default to the local IP address or the subject DN of the
local certificate, if one is configured.
Note that the convention is to use `left...` options for local settings and `right...` for
those of the remote, but they might get swapped if an IP in `right` is found locally.
Please refer to the man page for ipsec.conf (`man ipsec.conf`) or the [wiki page for
the conn section][1] for details.
----
You can't set `left` to an IP address that's not installed on any local interface. As you
can see in the log, the daemon won't be able to send packets from that address.
Likewise, inbound request are dropped because the destination address doesn't match
the config (the `no IKE config found for ...` message). So either don't configure it (same
as setting it to `%any`) or configure a local address from/on which packets can be
sent/received (e.g. `172.30.13.1` in your case).
[1]: https://wiki.strongswan.org/projects/strongswan/wiki/Connsection
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.