[strongSwan] Tunnels with dynamic IP and another route issue

Noel Kuntze noel.kuntze+strongswan-users-ml at thermi.consulting
Sat May 6 17:49:42 CEST 2017

On 06.05.2017 14:29, Dusan Ilic wrote:
> Sorry to say I didnt follow you completely, what do you mean? Dont disabling route installation effectively mean that im forced to setup the same with updown-scriprs?
> Also, whats the difference setting a fwmark with netlink plugin? What behaviour changes?

No, in you case, you don't need any extra routes. Just disable it. With the fwmark set, charon can exclude routing table 220 when doing route lookups.

> One observation, it looks like ignoring routing tables doesnt work. Ive tried ignoring every single one and still charon is able to initiatie, how is this possible?


> Also, when having a tunnel all other tunnels wont go up on traffic if start=route is set. Any idea why?
Dunno. Provide your configuration and logs.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20170506/32aaed29/attachment.sig>

More information about the Users mailing list