[strongSwan] Strongswan using VTI - got it working!
Martin Willi
martin at strongswan.org
Fri Dec 19 15:07:09 CET 2014
> Question: what is the use of that table 220? Do we have a CLI to avoid
> Strongswan installing that route? It's not necessary in case of VTI.
strongSwan installs routes for negotiated policies to a dedicated
routing table mainly for two reasons:
* Avoid any conflicts with the main routing table, for example
with the default route
* Ignore routes from this table when doing route lookups for IKE
traffic; IKE packets should always bypass the tunnel.
To disable automatic route installation, set the install_routes option
to no in the strongswan.conf "charon" section. The routing_table and
routing_table_prio options allow you to customize installation of
routes.
Regards
Martin
More information about the Users
mailing list