[strongSwan] IKEv2 PSK IPv4 to IPv6 not Routing
Martin Willi
martin at strongswan.org
Mon Nov 18 11:02:07 CET 2013
Hi,
> cat /proc/sys/net/ipv6/conf/eth1/forwarding
And this is true for all involved interfaces?
> > Do LAN hosts know they have to forward rightsourceip addresses over
> > the gateway? (the farp plugin works for IPv4 only)
>
> Unsure how to address this. I see my client doing ARP requests, but I
> never see anything come to my GW.
I assume you are talking about ICMPv6 Neighbor Discovery here?
Your LAN hosts most likely assume that the addresses you hand out to the
road warrior are on the local LAN, while they are not. You'll need to
allocate the rightsourceip addresses from a dedicated subnet, and make
sure that the LAN hosts have a route for them over the IPsec gateway.
This can be an explicit route, or a port of the default route.
Regards
Martin
More information about the Users
mailing list