[strongSwan] ipsec routes removed when interface down and not reinstated

[Tobias Brunner]

Hi Alex,

> All is working. I then unplug my network cable, wait a few seconds, and
> plug it back in. Now table 220 is empty. The tunnel still says it's
> connected, and I suppose it is - but because the route isn't there any
> more, I get no traffic over the VPN.

You should check the log with the log level for the knl subsystem
increased to 2 (see [1]).  The route in table 220 should get readded
automatically if the network connectivity changes (if it's an IKEv2
connection MOBIKE might also be triggered).

Regards,
Tobias

[1] https://wiki.strongswan.org/projects/strongswan/wiki/LoggerConfiguration