[strongSwan] [EDIT] Traffic selection problems

[Tobias Brunner]

Hi Brian,

> I am using `type=transport`

You can't use transport mode to tunnel traffic from IPs other than the
two hosts themselves (that's exactly what tunnel mode is for where the
complete IP packet, including the original header, is encapsulated),
unless, you use an additional tunneling protocol like GRE.  So for
transport mode you will have to use %dynamic (optional with
protocol/port) as traffic selector.

Regards,
Tobias