[strongSwan] question on using reinject on Multicast

Cao, Jean Jean.Cao at gd-ms.ca
Tue Jul 11 19:27:42 CEST 2017


We are using StrongSwan as our Multicast over IPSec solution.  We are having the following issues with our configuration right now:

- %unique doesn't work.  It doesn't mark the mangle table for some reason.  So we manually configure mark=0x01, mark=0x02 and mark=0x03.  This workaround seems to be working.  We wonder if there are any consequences for multicast working properly.

- Reinject is causing a looping problem.  If we turn on reinject in forecast.conf, the tunnel is swamped by looping packets.  We wonder if there are any configurations that we have missed.

Our setup is currently simple (but will extend to more clients):

Client1 --- Home --- Client2

We want to have multicast among the three of them, especially between Client1 and Client2.  Right now, without reinject, we only have traffic between Home-Client1 and Home-Client2.  No traffic between Client1 and Client2.

Any suggestions are much appreciated!