[strongSwan] trouble with the traffic selector
Ccf Cloud
ccfcloud at gmail.com
Fri Oct 25 08:04:38 CEST 2013
On Fri, Oct 25, 2013 at 11:27 AM, Ccf Cloud <ccfcloud at gmail.com> wrote:
> Hi Martin,
>
> Thanks for the quick reply.
>
> On Thu, Oct 24, 2013 at 12:45 PM, Martin Willi <martin at strongswan.org>wrote:
>
>> Hi,
>>
>> > I want to route all the traffic originating from android device to be
>> > tunneled through the gateway using the tun0 interface.
>>
>> The Android App does no narrowing itself, that happens on the responder
>> only. To tunnel all traffic from the Android device, set
>> leftsubnet=0.0.0.0/0 on the responder.
>>
>
> So now my Android device proposes both TSi and TSr as 0.0.0.0/0 and in
> the gateway I've configured leftsunet as 0.0.0.0/0.
> Now when I establish the tunnel, typing "ip route show" in android device
> shows following:
>
> 0.0.0.0/1 dev tun0 scope link
> default via 10.10.11.1 dev wlan0
> 10.10.11.0/24 dev wlan0 proto kernel scope link src 10.10.11.5
> 10.10.11.1 dev wlan0 scope link
> 128.0.0.0/1 dev tun0 scope link
>
>
Correction:
> where 10.10.11.5 is the ip address of android device over the wlan0
> interface and tun0 also gets same virtual Ip assigned by the gateway.
>
> With this when I run tcpdum on both tun0 and wlan0, I see all the ESP
> packets going through Wlan0 and not tun0.
>
> What am I missing here? Why is the route added as 0.0.0.0/1? My intention
> is to route all the traffic originating from my android device to the
> gateway using the tun0 interface.
>
>
>>
>> Regards
>> Martin
>>
>>
> Thanks & Regards
> Sam
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20131025/aeae6034/attachment.html>
More information about the Users
mailing list