blob: d253a8865883569e3ecd6e1d3fe29b0a1bf00d75 (
plain)
1
2
3
4
5
6
7
8
9
10
11
|
The roadwarriors <b>carol</b> and <b>dave</b> set up a connection each to gateway <b>moon</b>
and request a <b>virtual IP</b> via the IKEv2 configuration payload by using the <b>leftsourceip=%config</b>
parameter. The <b>dhcp</b> plugin on gateway <b>moon</b> then requests an IP address and DNS/WINS server
information from DHCP server <b>venus</b> using the DHCP protocol. The IP addresses are assigned statically
by <b>venus</b> based on the IKEv2 peer identities <b>carol@strongswan.org</b> and <b>dave@strongswan.org</b>,
respectively, included by the dhcp plugin as a <b>dhcp-client-identity</b> option in the DHCP request.
<p/>
With the static assignment of 10.1.0.30 and 10.1.0.40, respectively, <b>carol</b> and <b>dave</b>
become full members of the subnet 10.1.0.0/16 hidden behind gateway <b>moon</b>. And this thanks to
the <b>farp</b> plugin through which <b>moon</b> acts as a proxy for ARP requests e.g. from <b>alice</b>
who wants to ping <b>carol</b> and <b>dave</b>.
|
