<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 12pt;
font-family:Calibri
}
--></style></head>
<body class='hmmessage'><div dir='ltr'>Hello,<br><br>Apologize for the huge delay but I had many things going on. I will try to restart my environment in a few days. I will paste the Cisco config + the Strongswan side. I'm sure it can be useful for someone.<br><br>Regards<br><br><div><hr id="stopSpelling">Date: Fri, 19 Dec 2014 15:37:32 +0100<br>From: avalentin@marcant.net<br>To: users@lists.strongswan.org<br>Subject: Re: [strongSwan] Strongswan using VTI - got it working!<br><br>
Hi!<br>
<br>
It would be wonderful if you could document your setup in an email to the list, inluding kernel version. I would even create an Wiki Article for it, if it's allowed.<br>
<br>
Kind regards,<br>
<br>
André<br>
<br>
<div class="ecxmoz-cite-prefix">Am 19.12.2014 um 15:11 schrieb Olivier PELERIN:<br>
</div>
<blockquote cite="mid:DUB118-W21609B6984B25B8E215E8C9B6B0@phx.gbl"><style><!--
.ExternalClass .ecxhmmessage P {
padding:0px;
}
.ExternalClass body.ecxhmmessage {
font-size:12pt;
font-family:Calibri;
}
--></style>
<div dir="ltr">Thanks Martin!<br>
<br>
Quick question, If I understand you well, it's a global setting. <br>
Are you planning to add a knob under the conn itself? It would be nice to be able to control it per conn.<br>
<br>
Regards,<br>
<br>
Olivier<br>
<br>
<div>> Subject: Re: [strongSwan] Strongswan using VTI - got it working!<br>
> From: <a class="ecxmoz-txt-link-abbreviated" href="mailto:martin@strongswan.org">martin@strongswan.org</a><br>
> To: <a class="ecxmoz-txt-link-abbreviated" href="mailto:olivier_pelerin@hotmail.com">
olivier_pelerin@hotmail.com</a><br>
> CC: <a class="ecxmoz-txt-link-abbreviated" href="mailto:schwarz@gaertner.de">schwarz@gaertner.de</a>;
<a class="ecxmoz-txt-link-abbreviated" href="mailto:noel@familie-kuntze.de">noel@familie-kuntze.de</a>;
<a class="ecxmoz-txt-link-abbreviated" href="mailto:users@lists.strongswan.org">users@lists.strongswan.org</a><br>
> Date: Fri, 19 Dec 2014 15:07:09 +0100<br>
> <br>
> <br>
> > Question: what is the use of that table 220? Do we have a CLI to avoid<br>
> > Strongswan installing that route? It's not necessary in case of VTI.<br>
> <br>
> strongSwan installs routes for negotiated policies to a dedicated<br>
> routing table mainly for two reasons:<br>
> * Avoid any conflicts with the main routing table, for example<br>
> with the default route<br>
> * Ignore routes from this table when doing route lookups for IKE<br>
> traffic; IKE packets should always bypass the tunnel.<br>
> <br>
> To disable automatic route installation, set the install_routes option<br>
> to no in the strongswan.conf "charon" section. The routing_table and<br>
> routing_table_prio options allow you to customize installation of<br>
> routes.<br>
> <br>
> Regards<br>
> Martin<br>
> <br>
</div>
</div>
<br>
<fieldset class="ecxmimeAttachmentHeader"></fieldset> <br>
<pre>_______________________________________________
Users mailing list
<a class="ecxmoz-txt-link-abbreviated" href="mailto:Users@lists.strongswan.org">Users@lists.strongswan.org</a>
<a class="ecxmoz-txt-link-freetext" href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a></pre>
</blockquote>
<br>
<br>
Mit freundlichen Grüßen<br>
André Valentin<br>
Systemadministrator<br>
-- <br>
MarcanT GmbH, Ravensberger Str. 10 G, D - 33602 Bielefeld<br>
Fon: +49 (521) 95945-0 | Fax: +49 (521) 95945-18<br>
URL: http://www.marcant.net | http://www.global-m2m.com<br>
<br>
Internet * Netzwerk * Mobile Daten<br>
Citrix Silver Solution Advisor<br>
<br>
Geschäftsführer: Thorsten Hojas<br>
Handelsregister: AG Bielefeld, HRB 35827 USt-ID Nr.: DE 190203238<br>
___________________________________________________________<br>
Ausserhalb unserer Geschäftszeiten (Montag bis Freitag von 8:30 Uhr bis<br>
17:30 Uhr, ausgenommen gesetzliche Feiertage in NRW) stehen wir Ihnen<br>
gemäß Ihrer jeweiligen Service-Level-Agreements unter der Ihnen<br>
mitgeteilten Telefonnummer für Störungen und Notfälle zur Verfügung.<br>
Sie können natürlich auch gerne jederzeit unter support@marcant.net ein<br>
Ticket eröffnen, welches am nächsten Arbeitstag bearbeitet wird.<br>
<br>_______________________________________________
Users mailing list
Users@lists.strongswan.org
https://lists.strongswan.org/mailman/listinfo/users</div> </div></body>
</html>