[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: Re: [strongSwan] need to allow ssl restriction
From: Andreas Steffen <andreas.steffen () strongswan ! org>
Date: 2012-03-30 13:07:37
Message-ID: 4F75B019.9010806 () strongswan ! org
[Download RAW message or body]
Hi Sanjay,
you can define only a single port per passthrough connection, e.g.
conn p1
also=pass
leftprotoport=tcp/0
rightprotoport=tcp/https
auto=route
conn p2
also=pass
leftprotoport=tcp/0
rightprotoport=tcp/imaps
auto=route
....
conn pass
type=pass
authby=never
leftsubnet=..
rightsubnet=..
Regards
Andreas
On 03/30/2012 02:57 PM, Shukla, Sanjay wrote:
> Hi Andreas,
>
> My requirement is to pass traffic on a certain port, how can I
> specify the port numbers in connection configuration
>
> Regards, -sanjay
>
>
> ----------------------------------------------------- Please consider
> the environment before printing this email.
>
> -----Original Message----- From: Andreas Steffen
> [mailto:andreas.steffen@strongswan.org] Sent: Monday, March 26, 2012
> 2:27 PM To: Shukla, Sanjay Cc: users@lists.strongswan.org Subject:
> Re: [strongSwan] need to allow ssl restriction
>
> Hello Sanjay,
>
> you can define a pass shunt policy for TCP port 443. Just have a look
> at our example scenario:
>
> www.strongswan.org/uml/testresults/ikev2/shunt-policies/
>
> Regards
>
> Andreas
>
> On 26.03.2012 20:12, Shukla, Sanjay wrote:
>> I am using 4.6.2 charon with IKEv2. What approaches are suggested
>> to allow TLS / 443 traffic restriction so that they are not subject
>> to IPSec.
>>
>>
>>
>> Regards,
>>
>> -sanjay
>
> ======================================================================
>
>
Andreas Steffen andreas.steffen@strongswan.org
> strongSwan - the Linux VPN Solution!
> www.strongswan.org Institute for Internet Technologies and
> Applications University of Applied Sciences Rapperswil CH-8640
> Rapperswil (Switzerland)
> ===========================================================[ITA-HSR]==
>
>
>
> DISCLAIMER: This e-mail may contain information that is confidential,
> privileged or otherwise protected from disclosure. If you are not an
> intended recipient of this e-mail, do not duplicate or redistribute
> it by any means. Please delete it and any attachments and notify the
> sender that you have received it in error. Unintended recipients are
> prohibited from taking action on the basis of information in this
> e-mail.E-mail messages may contain computer viruses or other defects,
> may not be accurately replicated on other systems, or may be
> intercepted, deleted or interfered with without the knowledge of the
> sender or the intended recipient. If you are not comfortable with the
> risks associated with e-mail messages, you may decide not to use
> e-mail to communicate with IPC. IPC reserves the right, to the extent
> and under circumstances permitted by applicable law, to retain,
> monitor and intercept e-mail messages to and from its systems.
--
======================================================================
Andreas Steffen andreas.steffen@strongswan.org
strongSwan - the Linux VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic