[strongSwan] Bypassing traffic to local LAN
Tianjie Mao
tjmao at tjmao.net
Sat Aug 10 15:40:10 CEST 2013
Hi Jiehan,
Could you please list your current configuration on both sides? I have been
using charon and it does not seem to cause unwanted traffic to be forwarded
to the remote site.
If that is a "local LAN" prefix, it should bypass the policy without a
problem.
If that is a prefix that needs to be forwarded by one or more routers, does
adding a more-specific route work for you?
Regards,
Tianjie Mao
On Aug 10, 2013 9:12 PM, "Jiehan Zheng" <zheng at jiehan.org> wrote:
> Hi,
>
> I am using strongSwan 5.1.0 and my connection is using IKEv2. The
> rightsubnet on my machine and leftsubnet on the server are both 0.0.0.0/0,
> causing all the traffic, including local LAN traffic from being sent
> through IPsec. I am looking for a way to exempt local traffic from being
> sent to the server. I've read through this thread:
> https://lists.strongswan.org/pipermail/users/2010-March/004614.html
>
> However, it's been three years so I am wondering if there is a better way,
> now with version 5.1.0 and charon, to achieve this?
>
> Thanks,
>
> Jiehan
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20130810/d3d81f8d/attachment.html>
More information about the Users
mailing list