[strongSwan] Coexistence of route-based and policy-based VPN

Noel Kuntze noel at familie-kuntze.de
Tue Apr 11 09:07:18 CEST 2017

On 11.04.2017 02:06, Sandesh Sawant wrote:
> When I created 2 tunnels with the same end points - one route-based and the other policy-based, then I noticed that both tunnels were established, however within a few seconds one of them went down (its SAs & SPs were removed from XFRM).

Read the logs. You'll find out why it happens.

> Also, can someone confirm if Linux VTI supports multicast? And if yes, does one need to modify something in VTI interface configuration. I'd appreciate if someone can a sample configuration for OSPF over VTI (e.g. using quagga ospfd).

I never tested that, so I don't know.


Mit freundlichen Grüßen/Kind Regards,
Noel Kuntze

GPG Key ID: 0x63EC6658
Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 866 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170411/f9447583/attachment-0001.sig>

More information about the Users mailing list