Hi,
We no longer have contacts at Microsoft where we can report bugs to, so
I'm sending it here in the hopes to reach someone (and create a public
entry in case others run into the same bug).
For IPv6 traffic selects during CP payloads, it seems Micrsoft is not
happy with a "network address", eg the lowest address of a CIDR.
In libreswan this an be seen by having an addresspool like:
rightaddresspool=192.168.43.10-192.168.43.250,fddd:500:500:500::/64
This will fail only for the first client connecting that is assigned the
fddd:500:500:500::0 address. A work around is:
rightaddresspool=192.168.43.10-192.168.43.250,fddd:500:500:500::1000-fddd:500:500:500::1fff
See https://github.com/libreswan/libreswan/issues/2697
Thanks to Lin Song for reporting the bug to us.
Paul
_______________________________________________
IPsec mailing list -- [email protected]
To unsubscribe send an email to [email protected]
