[strongSwan] IPv6 tunnel and IPv4 traffic: no routing entries in table 220 ?
Noel Kuntze
noel.kuntze+strongswan-users-ml at thermi.consulting
Wed Jan 29 11:21:48 CET 2020
Hello Thomas,
Routes are added when traffic needs to be sent to another destination than the main routing table or existing routes in table 220 do. It's all in C code.
Please provide all information as shown on he HelpRequests page on the wiki if you want any actionable advice.
Kind regards
Noel
Am 29.01.20 um 11:18 schrieb Thomas Rudolph:
> Hello,
>
>
>
> I wonder how the routing entries are written to table 220, and which are neccesary. Is there any place , like _updown for firewall rules, where I can see how and what is done ?
>
>
>
> My problem:
>
>
>
> If I use IPv4 tunnel and traffic, it’s all ok, rules in table 220 appear and VPN works from LAN to LAN.
>
> If I use IPv6 tunnel and IPv4 traffic, nothing appears in table 220. What can be the reason for such behavior ?
>
>
>
> And, I was not able to find myself a rule that works, I tried to add to table 220 rules like
>
>
>
> ip route add 192.168.2.0/24 proto static scope global dev eth0 src 192.168.0.1 table 220
>
>
>
> with REMOTE_LAN_NET src LOCAL_LAN_ADDRESS
>
>
>
> (derived from strongSwan example https://www.strongswan.org/testing/testresults/ipv6/net2net-ip4-in-ip6-ikev2/ )
>
>
>
>
>
> but it dont’t work. VPN connection is up, but no ping from LAN to LAN, it seems the traffic is not thrown into tunnel (policy based VPN).
>
>
>
>
>
> ?
>
>
>
> Can anyone please give a hint ?
>
>
>
>
>
> Regards,
>
>
>
> Thomas
>
> --
> Thomas Rudolph
> Teleconnect GmbH
> Am Lehmberg 54, 01157 Dresden, Germany
>
> Phone: +49 351 4236 214 (Main: - 210)
> E-Mail/Skype: rudt at teleconnect.de <mailto:rudt at teleconnect.de>
>
>
>
> Watch our current video! <https://www.youtube.com/watch?v=YtFrOo9rzSU>
>
> Teleconnect <https://www.teleconnect.de> Twitter <https://twitter.com/Teleconnect_> Linkedin <https://www.linkedin.com/company/teleconnect-gmbh/>
>
> USt.-IdNr. (VAT ID): DE140301522
> Registergericht (Commercial registry): Dresden, HRB 1040
> Geschäftsführer (Managing Director): Dr. Gerald Nürnberger
> ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> Der Inhalt dieser Mail enthält möglicherweise vertrauliche Informationen und ist ausschließlich für den bezeichneten Adressaten bestimmt. Wenn Sie nicht der richtige Adressat sind, teilen Sie dem Absender bitte den Erhalt der Mail mit und löschen Sie die Mail.
> The content of this mail may contain confidential information and is intended solely for the designated addressee. If you are not the intended addressee, then please inform the sender about the receipt of this mail and delete the mail.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20200129/343f3e87/attachment-0001.sig>
More information about the Users
mailing list