[strongSwan] trouble with the traffic selector
Martin Willi
martin at strongswan.org
Fri Oct 25 09:39:28 CEST 2013
Hi,
> With this when I run tcpdum on both tun0 and wlan0, I see all the ESP
> packets going through Wlan0 and not tun0.
I'd say that's the idea; plain packets go over the virtual adapter,
encrypted ones over your physical connection.
> What am I missing here? Why is the route added as 0.0.0.0/1?
> 0.0.0.0/1 dev tun0 scope link
> 128.0.0.0/1 dev tun0 scope link
The default route (0.0.0.0/0) gets split up two sub-routes covering the
same range. This is done to avoid any conflicts with the default route
and to enforce a higher priority for the VPN connection.
Regards
Martin
More information about the Users
mailing list