Hi all, are both able to support the same network topologies with both IPv4 and IPv6?
The application uses 3 VPN gateways (all OpenBSD) and connects several public nets behind both gateways. Some private nets are served without NAT to other VPN members. One gateway uses a fixed IPv4 address, the other 2 are road warriors, where IP of others changes about once a month. As this is an operational setup, moving from isakmpd to iked seems to be a challenge. (-: Can the transition be done without loosing functionality? Axel PS: To illustrate further, I include the connections from isakmpd.conf gw with fixed address: ------------ [CON_2_2] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_IH4 Remote-ID= NET_M4_PRIVATE PF-Tag= FROM_VPN [CON_2_3] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_DEFAULT4 Remote-ID= NET_M4_LRAU PF-Tag= FROM_VPN [CON_2_4] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_N6_GLOBAL_UNICAST Remote-ID= NET_M6_LRAU PF-Tag= FROM_VPN [CON_2_5] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_N6_GLOBAL_UNICAST Remote-ID= NET_M6_WLAN_LRAU PF-Tag= FROM_VPN # -------------- [CON_3_1] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_IH4 Remote-ID= NET_N4_PRIVATE PF-Tag= FROM_VPN [CON_3_2] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_N6_GLOBAL_UNICAST Remote-ID= NET_N6_LRAU PF-Tag= FROM_VPN # -------------- [CON_23_1] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_M4_PRIVATE Remote-ID= NET_N4_PRIVATE PF-Tag= FROM_VPN [CON_23_2] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_N4_PRIVATE Remote-ID= NET_M4_PRIVATE PF-Tag= FROM_VPN One of 2 road warriors: ----------------- # ----------- [CON_2_2] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Flags= Active-only Remote-ID= NET_IH4 Local-ID= NET_M4_PRIVATE PF-Tag= FROM_VPN # ----------- [CON_2_3] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Flags= Active-only Remote-ID= NET_DEFAULT4 Local-ID= NET_M4_LRAU PF-Tag= FROM_VPN # ----------- [CON_2_4] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Flags= Active-only Remote-ID= NET_N6_GLOBAL_UNICAST Local-ID= NET_M6_LRAU PF-Tag= FROM_VPN # ----------- [CON_2_5] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Flags= Active-only Remote-ID= NET_N6_GLOBAL_UNICAST Local-ID= NET_M6_WLAN_LRAU PF-Tag= FROM_VPN # -------------- [CON_23_1] Phase= 2 ISAKMP-peer= CON_1 Configuration= quick-mode Local-ID= NET_M4_PRIVATE Remote-ID= NET_N4_PRIVATE PF-Tag= FROM_VPN --- PGP-Key: CDE74120 ☀ computing @ chaos claudius
