[strongSwan] IPv6 source address choice of charon-nm
Tobias Brunner
tobias at strongswan.org
Tue Jul 7 10:11:54 CEST 2020
Hi Kajetan,
>> Try enabling charon-nm.prefer_temporary_addrs in strongswan.conf. I
>> guess it could even make sense to change that default for the NM backend.
> Enabling this option causes no route to be installed in table 220 and
> thus no traffic routed over VPN for IPv6. The IP address oferred by VPN
> server gets assigned on primary interface, though.
Interesting. I think I might have an idea why. Can you try the patch
in the netlink-ipv6-vip branch [1]?
Thanks,
Tobias
[1]
https://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/netlink-ipv6-vip
More information about the Users
mailing list