<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Noel is right in this case. I set up something similar with openswan some time ago. I do not want to route my local network traffic through the tunnel. Therefore I need a passthrough connection. Perhaps you misunderstood that… <div class=""><br class=""></div><div class="">@Noel: I will later search the bug database and if needed fill a bug report. </div><div class=""><br class=""></div><div class="">Kind regards </div><div class="">Christian Hanster <br class=""><div><blockquote type="cite" class=""><div class="">On 04 Sep 2015, at 20:28, Randy Wyatt <<a href="mailto:rwwyatt01@gmail.com" class="">rwwyatt01@gmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Then why would a passthrough be passed the tunnel.    Passthrough policies are for the local lan only.  I will wait for more of an expert to comment.<div class="">I am willing to accept if I am wrong.</div><div class="gmail_extra"><br class=""><div class="gmail_quote">On Fri, Sep 4, 2015 at 11:25 AM, Noel Kuntze <span dir="ltr" class=""><<a href="mailto:noel@familie-kuntze.de" target="_blank" class="">noel@familie-kuntze.de</a>></span> wrote:<br class=""><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><br class="">
-----BEGIN PGP SIGNED MESSAGE-----<br class="">
Hash: SHA256<br class="">
<br class="">
A passthrough policy always only applies to the local host.<br class="">
It's completely okay to use overlapping subnets, because the tunnel doesn't work like a normal route.<br class="">
It's source AND Destination based routing. If you apply a passthrough policy for local traffic in your LAN, then it will work.<br class="">
The purpose of a passthrough policy is to *explicitely* tell the IPsec stack to *not* do any IPsec processing on certain packets.<br class="">
The use case of Christian is *exactly* what it's for.<br class="">
<br class="">
- --<br class="">
<br class="">
Mit freundlichen Grüßen/Kind Regards,<br class="">
Noel Kuntze<br class="">
<br class="">
GPG Key ID: 0x63EC6658<br class="">
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658<br class="">
<br class="">
-----BEGIN PGP SIGNATURE-----<br class="">
Version: GnuPG v2<br class="">
<br class="">
iQIcBAEBCAAGBQJV6eIXAAoJEDg5KY9j7GZYu/IP/AtkpY7UsCf3fx6nSpCxiBWK<br class="">
ZJJ1Ip2vaHFnUSDdqvYlkj09m1Cumzo5MRoBZ8NrbdBaftsCrBkBCtyhcwYbPnfC<br class="">
ykdqXSH5eQID/BL9qXfYOQhS+llYo1tpW1WgNX4/9mfU/VHpnQ059iWSyO47JxoR<br class="">
IgPPuNtkk2q88LWoG4h3QCdws+XG0ui+AG1WIX9pdQ1hror3+Q19rKBRVsJ3paqJ<br class="">
msx7A3ZaHa62CQ9iq4ruGaVUR+17ZgGg9G80vjapb1mgnvk0yDQycL3cz+ANm4cH<br class="">
HPIZqbc/JvJgcpF1iTVS5ToIrznvXUtaBFIgYLqTqDawyssDe3ly1Jt27+pN0t9V<br class="">
CkPCKljoSHMOnZChhxJRyAo8gRxSmBhbETedt7blBQ8CrNaFGVpZw4K2RE5/nCub<br class="">
MA1wCbqmXl5hcuAyLLYL2izdsXvZtmUeyARBWkVf12J4Z1m4DHl1iMfTgxma/G0n<br class="">
NlTXWXJg7MbaKiPLmmxRn95/rXZoRhTk4ihfiVIKOvBuGIAVBb/u+9NJUax3veHS<br class="">
rNdTs4wLgW28Ey6elyAukWIGSO6m75W9fONsBSYFldQw1Ktz04bqoZbAA57QisF2<br class="">
ZuE8RV/vD2+yp02/F4b5XS0oELFGh6QDJjVTjaVHRGYno18Eluspz7/4rF357KIk<br class="">
9FBnWOIWPB1oerb44xWS<br class="">
=n/f1<br class="">
-----END PGP SIGNATURE-----<br class="">
<br class="">
</blockquote></div><br class=""><br clear="all" class=""><div class=""><br class=""></div><div class="gmail_signature"><div dir="ltr" class=""><div dir="ltr" class=""><div dir="ltr" class=""><div class=""><br class=""></div><div class=""><table width="93%" align="center" style="background-color:rgb(242,245,247)" border="0" cellspacing="0" cellpadding="4" class=""><tbody class=""><tr class=""><td valign="top" style="width:169px;line-height:155%" class=""><font face="Verdana, Arial" style="font-size:11px;margin-top:4px" valign="top" class=""><b class=""></b></font></td><td valign="top" class=""><span style="color:rgb(0,51,102);font-size:18px;font-weight:bold" class=""><font color="#1155cc" class=""><br class=""></font></span></td></tr></tbody></table></div></div></div></div></div>
</div></div>
</div></blockquote></div><br class=""></div></body></html>