[strongSwan] IKEv2 passthrough

Andreas Steffen andreas.steffen at strongswan.org
Thu Nov 4 22:20:21 CET 2010


Hello Oliver,

passthrough policies are not supported [yet] with IKEv2. You have
to set them manually via ip xfrm policy add.

Regards

Andreas

On 11/04/2010 10:00 PM, Oliver wrote:
> Hi all,
>
> i try to migrate my ipsec settings from IKEv1 to IKEv2. With IKEv1
> everything works fine. With IKEv2 my local subnet traffic does not
> working while started tunnel. My running configuration is the same like
> described there.
> http://www.strongswan.org/uml/testresults/ikev1/passthrough/
>
> Is it possible to get passthrough working with IKEv2?
>
> I tried also to set the passthrough policies manual up with the command
> "ip xfrm policy add ...". While running the ipsec-tunnel the policies
> shown with "ip xfrm policy" are the same in IKEv2 as IKEv1.
>
> Thanks for any info
>
> Oliver

======================================================================
Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==




More information about the Users mailing list