[strongSwan] [EDIT] Traffic selection problems

[Brian Topping]

> VTI devices won't change anything.  You can't use transport mode with
> any IPs other than those of the endpoints (i.e. it doesn't work with
> virtual IPs or arbitrary subnets - you have to use tunnel mode for that).

Got it, thanks Tobias. But the logs say `06[IKE] not using transport mode, not host-to-host` and the SADB modes are all `tunnel`, so the stack appears to have made up for my error. 

Or has it?