[strongSwan] IKEv2 passthrough

Andreas Steffen andreas.steffen at strongswan.org
Thu Nov 4 22:20:21 CET 2010

Hello Oliver,

passthrough policies are not supported [yet] with IKEv2. You have
to set them manually via ip xfrm policy add.



On 11/04/2010 10:00 PM, Oliver wrote:
> Hi all,
> i try to migrate my ipsec settings from IKEv1 to IKEv2. With IKEv1
> everything works fine. With IKEv2 my local subnet traffic does not
> working while started tunnel. My running configuration is the same like
> described there.
> http://www.strongswan.org/uml/testresults/ikev1/passthrough/
> Is it possible to get passthrough working with IKEv2?
> I tried also to set the passthrough policies manual up with the command
> "ip xfrm policy add ...". While running the ipsec-tunnel the policies
> shown with "ip xfrm policy" are the same in IKEv2 as IKEv1.
> Thanks for any info
> Oliver

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list