[strongSwan] Fwd: Guidance on split-exclude when using Unity plugin
Martin Willi
martin at strongswan.org
Thu Feb 7 08:51:09 CET 2013
Hi,
Please try to keep the discussion on the mailing list, thanks.
> with the patch www.2600.com gets tunnelled. Expected: it should be
> tunnelled (not sent via the VPN).
> Unity (ios[2]: 207.99.30.226/32): 192.168.0.2/32 === 207.99.30.226/32 PASS
The bypass policy now looks fine. But as expected, this IP still uses
the source route, hence the policy does not match. We'd need an
additional source route for this policy using a higher priority. Did you
have any success in enforcing 192.168.0.2 as source address for testing?
Regards
Martin
More information about the Users
mailing list