[strongSwan] Bypassing traffic to local LAN
tjmao at tjmao.net
Sat Aug 10 15:40:10 CEST 2013
Could you please list your current configuration on both sides? I have been
using charon and it does not seem to cause unwanted traffic to be forwarded
to the remote site.
If that is a "local LAN" prefix, it should bypass the policy without a
If that is a prefix that needs to be forwarded by one or more routers, does
adding a more-specific route work for you?
On Aug 10, 2013 9:12 PM, "Jiehan Zheng" <zheng at jiehan.org> wrote:
> I am using strongSwan 5.1.0 and my connection is using IKEv2. The
> rightsubnet on my machine and leftsubnet on the server are both 0.0.0.0/0,
> causing all the traffic, including local LAN traffic from being sent
> through IPsec. I am looking for a way to exempt local traffic from being
> sent to the server. I've read through this thread:
> However, it's been three years so I am wondering if there is a better way,
> now with version 5.1.0 and charon, to achieve this?
> Users mailing list
> Users at lists.strongswan.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users