[strongSwan] remote peer IP falls into crypto domain right subnet
Doug Tucker
doug.tucker at Newscycle.com
Wed Sep 26 17:01:48 CEST 2018
I've done some searching and am not finding any info on this. We had a client who wanted to offer a /16 as his right subnet and his outside peer IP of his ASA fell into the /16 they were offering. With a cisco ASA this is a non issue as in this type of scenario cisco exempts out that single IP from the routing table but with strongswan 5.6.3 it appears to not do so by default and caused some odd routing anomalies to this IP. Does anyone know of a configuration directive for dealing with this?
Doug Tucker
Sr. Network Administrator
o: 817.975.5832 | m: 817.975.5832
e: doug.tucker at newscycle.com
[Newscycle Solutions]<http://www.newscycle.com/>
Breakthrough technologies for media
Twitter<http://www.twitter.com/newscycle_news> | Facebook<https://www.facebook.com/NEWSCYCLESolutions> | Linkedin<https://www.linkedin.com/company/newscycle-solutions>
CONFIDENTIALITY NOTICE: The contents of this email message and any attachments are intended solely for the addressee(s) and may contain confidential and/or privileged information and may be legally protected from disclosure. If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the intended recipient, you are hereby notified that any use, dissemination, copying, or storage of this message or its attachments is strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20180926/cbb9db51/attachment-0001.html>
More information about the Users
mailing list