From: Marco Berizzi <pupilla@ho...> - 2005-11-28 15:39:56
I was reading man page about generate_policy:
"...racoon will choose the first proposal in
the SA payload from the initiator, and generate
policy entries from the proposal. [...]
Note that an inappropriate policy might be
installed into the responder's SPD by the
initiator, so other communications might
fail if such policies are installed due to
a policy mismatch between the initiator and
This mean that the initiator (and only the
initiator) will control which policy will
be generated by racoon. Correct?
Is there any way to control this behaviour?
For example: I would like that roadwarriors
could connect to my private network for example
192.168.10.0/24 but not to my secure network
for example 172.19.1.0/24.
*swan has this capability (left-rightsubnet).
Am I missing anything obvious?
Get latest updates about Open Source Projects, Conferences and News.