[strongSwan] IPsec drop policies 2
noel.kuntze+strongswan-users-ml at thermi.consulting
Sat Feb 1 23:27:18 CET 2020
I took a look at the data you provided and it looks okay.
Are you connecting to your router from its LAN or over the Internet?
If not, then the packets are caught by the drop policy and you will need a policy for those, too.
You can chain shell commands together as I showed in the command I sent you earlier.
You can use that to do stuff even if the connection is disconnected intermediately.
Am 01.02.20 um 10:28 schrieb reterverv ercertecrterc:
>> It doesn't "stop working". It enforces your configured policies.
> Hello Noel.
> If "swanctl --load-all" enforces my configured policies and does not stop, then how can I start the swanctl.conf after that?
> I can't type anything into the terminal after "swanctl --load-all".
> Look at the picture: https://abload.de/img/swanctlwbk6a.jpg
> Did the output of "swanctl -q ; ip x p ; swanctl -P ; ip route show table all ; ip rule ; iptables-save ; swanctl -u --child dropall" help you?
> Best regards
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 833 bytes
Desc: OpenPGP digital signature
More information about the Users