[strongSwan] Add routes? (Was: Anyone got strongSwan working with Aruba Networks (as a Aruba VIA client)?)

Martin Willi martin at strongswan.org
Mon Apr 28 12:14:37 CEST 2014

> One thing I notice is that when I add multiple subnets to rightsubnet
> only the last one is shown in statusall and the IPSec policy list.

> child: dynamic === <list of rightsubnet...>
> <conn>{1} <left>/32 === <last subnet in rightsubnet>

strongSwan just proposes a list of local and remote traffic selectors;
your peer is free to narrow these subnets or drop some of them. Check
your peer configuration for the configured subnets.

Maybe your Aruba box expects clients connecting just a single (virtual)
IP, and does not allow net-to-net connections?

> Do I need to enable IP forwarding maybe?

If your strongSwan box should do IPsec forwarding on behalf of other
hosts, yes. But not sure if your Aruba box allows that.


More information about the Users mailing list