[strongSwan] 回复: auto=route, but packet can't trigger a acquire to negotiate a ipsec tunnel
陆晓萍
piaoliugirl at 163.com
Fri May 25 19:08:18 CEST 2018
thanks for your response.I install strongswan on centos7.2, does it can't support kernel-ipsec?I run'./configure ..... --enable-kernel-ipsec' it shown warning, can't find kernel-ipsec, how can i do?
| |
陆晓萍
邮箱:piaoliugirl at 163.com
|
签名由 网易邮箱大师 定制
在2018年05月25日 20:03,Tobias Brunner 写道:
Hi,
> I configured a ikev2 , net-to-net, psk, i can use "ipsec up" command
> to establish tunnel, but it can't established by a coming traffic, of
> course, the ttraffic can match the rule.
The kernel-libipsec plugin does currently not support trap policies. So
disable that plugin and use the kernel's IPsec stack instead (via
kernel-netlink plugin).
Regards,
Tobias
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180526/64c3532b/attachment.html>
More information about the Users
mailing list