I promise, I won't bother you anymore (or at least not that much) once the evaluation of the units is done, but right now I need to know whether the following behavior is a bug or a feature:
I added two VPN IPSec connections. They are quite simple:
- COMPANY1: Policy states, that they can connect to external IP A using X.509 as authentication method, XAUTH is enabled. They should get an IP out of POOL_COMPANY1 (10.5.111.0/24) and then be able to connect to VLAN1 (10.5.110.0/24).
- COMPANY2: Policy states, that they can connect to the same external IP A using X.509 as authentication method, XAUTH is also enabled. They on the other hand should get an IP out of POOL_COMPANY2 (10.5.121.0/24) and then connect to a VLAN2 (10.5.120.0/24).
So far so good, everything works great (StrongSwan's doing a great job here *wink*).
Scenario
Let's say I have a user "support". He helps COMPANY1 and COMPANY2 maintain their servers. So he set up two policies on his computer - one to be able to connect to remote VLAN1 and one to remote VLAN2.
Expected result
What I expected to happen was that this user "support" gets an IP out of POOL_COMPANY1 when connecting using the policy of COMPANY1. And that he gets another IP out of POOL_COMPANY2 when connecting using the policy of COMPANY2.
Actual result
What I get is this: No matter with what policy I connect, I always get the same IP out of POOL_COMPANY1. It's like Astaro is caching my VPN mode_cfg answer which is really annoying in my case.
Bug or a feature, that is the question?
Cheers and thanks,
Manuel
This thread was automatically locked due to age.
