[strongSwan] trouble with the traffic selector

Ccf Cloud ccfcloud at gmail.com
Fri Oct 25 07:57:52 CEST 2013


Hi Martin,

Thanks for the quick reply.

On Thu, Oct 24, 2013 at 12:45 PM, Martin Willi <martin at strongswan.org>wrote:

> Hi,
>
> > I want to route all the traffic originating from android device to be
> > tunneled through the gateway using the tun0 interface.
>
> The Android App does no narrowing itself, that happens on the responder
> only. To tunnel all traffic from the Android device, set
> leftsubnet=0.0.0.0/0 on the responder.
>

So now my Android device proposes both TSi and TSr as 0.0.0.0/0 and in the
gateway I've configured leftsunet as 0.0.0.0/0.
Now when I establish the tunnel, typing "ip route show" in android device
shows following:

0.0.0.0/1 dev tun0  scope link
default via 10.10.11.1 dev wlan0
10.10.11.0/24 dev wlan0  proto kernel  scope link  src 10.10.11.5
10.10.11.1 dev wlan0  scope link
128.0.0.0/1 dev tun0  scope link

where 10.10.11.15 is the ip address of android device over the wlan0
interface and tun0 also gets same virtual Ip assigned by the gateway.

With this when I run tcpdum on both tun0 and wlan0, I see all the ESP
packets going through Wlan0 and not tun0.

What am I missing here? Why is the route added as 0.0.0.0/1? My intention
is to route all the traffic originating from my android device to the
gateway using the tun0 interface.


>
> Regards
> Martin
>
>
Thanks & Regards
       Sam
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20131025/3531951d/attachment.html>


More information about the Users mailing list