[strongSwan] Routing problems with IPsec but not L2TP/IPsec
Noel Kuntze
noel at familie-kuntze.de
Thu Apr 17 16:27:52 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello Patrick,
Try to find out what happens to the traffic then with tcpdump and the -j TRACE target.
Regards
Noel Kuntze
GPG Key id: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
Am 17.04.2014 14:39, schrieb Patrick Shyvers:
> Noel, thanks for the reply! I was actually instructed to add the policy rule by that very wiki page! If I read the page right, the policy rule exempts ipsec encrypted traffic between the client and gateway from NAT.
>
> I did test though just to be sure. All tables default to ACCEPT, and just the one SNAT rule. No luck.
>
> - Patrick
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQIcBAEBAgAGBQJTT+TnAAoJEDg5KY9j7GZY+8kP/3kXL6dnKyCBmoqtmD2zdhPu
Ax7kY3+jLyEkxddXfqeqW4sQhqqhOHgTUloGmYQe0jYl/WQzZ26w6jmOeQbgfVjF
jlY2Qy4EYw2HyDKk6BbdqoZaZnn9fBQr3RHn+A6PyjMNrcpvUDbBwJtC9KT/axzm
HwLZaaITSwa+NvAkwbBo++SaUuq9yqfhw9rieDiM+KH9P0q1QeMOoNNgnlmpkutC
fIB3Ei9N61neHt3/HoUX6UNpEQKxHHSxJt+mMwb0J8hYoQUlgsag9h9+WlMHI2Kl
/T+KoxqlmI7cRkfAKfODuk79w/yMISU5s25PftN/QOWNTFKsxzETWSG1MFZCKGJ+
8o7uA+u1eWw6bZaoLHQt3Rzw0wCVRaovsyn8PVR+oZLBjCfeWmhaHKDMtILZw1pM
ajSYqsnowyAyvpeEJpnKyvv+8EmZtrkQ4dx+EdsI72O7tih/86Ot7oKK5GX54gmM
W1pNELgrgrW7F4csv8kCpYbNgTzI0G9XPynMiH9FI7+V1rMRqYX1lXrH/obTOf/r
gk2O+Y5qroQtynIqt1hWIjfEP8/qA60dJPKx7KfEpup/CtM6Vdx/LoQK+1httaz2
+LwIvEVK/TwRA/Ke82/H/lQa2iYNzpp2okJXYRMhSW7QzE5tyn31FdC5BBd5cDt0
cb1TQVPFp5XO170yhIL4
=OtDS
-----END PGP SIGNATURE-----
More information about the Users
mailing list