[strongSwan] Probably missing route entry in table 220

Eliguzel, Cem cem.eliguzel at siemens.com
Thu Nov 5 14:13:52 CET 2015


We have a system that serves both Ipsec and OpenVPN clients. For OpenVPN we have the following interfaces:


And when I have the following swanctl configuration:

connections {

    IPsec {
        local_addrs  =

        local {
            auth = pubkey
            certs = srv.crt
            id =
        remote {
            id = "CN=IPsec at 3.1"
            auth = pubkey
        children {
            net {
                local_ts =,,
                remote_ts =
                start_action = none
                updown =  /path/to/updown_script
                esp_proposals = aes256-sha1-modp2048
                life_time = 60m

        version = 2
        dpd_timeout = 120s
        proposals = 3des-sha1-modp1024

I get the following entry in table 220: via dev eth0  proto static  src

Which is OK but  I think there must be another entry for tun_tcp interface like: via dev eth0  proto static  src

Is there something wrong with my reasoning? What can I do to fix the issue?

Mit freundlichen Grüßen
Cem Eliguzel

Siemens Sanayi ve Ticaret A.S.
1000. Cd. 13. Sk. No: 1004 - Gebze
41480 Kocaeli, Türkei
mailto:cem.eliguzel at siemens.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20151105/f2b990f7/attachment.html>

More information about the Users mailing list