[strongSwan] Problem routing traffic to Public IP via Tunnel
Angel Kafazov
akafazov at gmail.com
Wed Apr 18 20:22:42 CEST 2012
Sorry, yes it was wrong mailing list.
On Wed, Apr 18, 2012 at 20:40, Tobias Brunner <tobias at strongswan.org> wrote:
> Hi Angel,
>
>> #rightsubnets= {X1.Y1.Z1.11/32 X2.Y2.Z3.19/32}
>> ...
>>
>> Traffic to private ip X1.Y1.Z1.11 is OK, but public X2.Y2.Z3.19 is not
>> reachable. How can I see if openswan puts packet for X2.Y2.Z3.19 in the
>> tunnel?
>
> Wrong mailing list? If you're using Openswan, try asking your question
> on their list. Are you, in fact, using strongSwan, then your config is
> wrong. We don't support the rightsubnets option. But with IKEv2 you
> may use
>
> rightsubnet=X1.Y1.Z1.11/32,X2.Y2.Z3.19/32
>
> that is, use rightsubnet (singular) then separate your subnets (or
> addresses) with commas. For IKEv1 you have to add a separate conn
> section for each subnet.
>
> Regards,
> Tobias
More information about the Users
mailing list