[strongSwan] Source IP in routing table

Hoggins! hoggins at radiom.fr
Fri Dec 28 14:35:36 CET 2018


Well,

I got away with setting install_routes to no and manually installing
them on startup.
I guess I could use a leftupdown script to get all this when the tunnel
is closed/reopened.

Anyway that'd be nice to have some control over these routes when
install_routes is set to yes.

    Hoggins!

Le 24/12/2018 à 23:07, Hoggins! a écrit :
> Hello list,
>
> I had a perfectly working setup that I built ontop of a machine that
> never rebooted for several months. Multiple interfaces, multiple IP
> addresses on the same machine, the default source address has always
> been 192.168.22.10 in routing table 220. After the last reboot, I found
> out that the routing table came different:
>
>     ~# ip route show table 220
>     192.168.12.0/24 via X.X.X.X dev ppp0  proto static  src 192.168.35.10
>     192.168.33.0/24 via X.X.X.X dev ppp0  proto static  src 192.168.35.10
>     192.168.55.0/24 via X.X.X.X dev ppp0  proto static  src 192.168.35.10
>     192.168.66.0/24 via X.X.X.X dev ppp0  proto static  src 192.168.35.10
>
>
> Before, the 192.168.35.10 source address was 192.168.22.10 and
> everything was setup around this. To overcome this situation, my first
> solution was to SNAT a lot and it's working alright, but not for the SIP
> protocol for example, and I'm stuck there.
> So I was wondering if there was any kind of control over the source
> address in the routing table 220 that would allow me to set
> 192.168.22.10 back again.
>
> This 192.168.35.10 is not even the source address for the default
> gateway, so I really wonder why StrongSWAN choses this address as the
> source one. Any idea?
>
> Thanks!
>
>     Hoggins!
>


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 195 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20181228/f520c188/attachment.sig>


More information about the Users mailing list