On Mon, Oct 3, 2011 at 6:10 AM, Tobias Brunner tob...@strongswan.org wrote:
Hi Diego,
I forgot to clarify that route is inserted if compress=no. In
kernel_netlink_ipsec.c add_policy methed, the code checks if mode !=
MODE_TRANSPORT to insert to route.
Yes, if IPComp is enabled the
Hi,
In kernel_netlink_ipsec.c add_policy methed, the code checks if mode !=
MODE_TRANSPORT to insert to route.
Yes. Why do you need an additional route in transport mode? There are
usually no new addresses or routes involved, transport mode just
protects the traffic between two hosts that
Hi Diego,
I forgot to clarify that route is inserted if compress=no. In
kernel_netlink_ipsec.c add_policy methed, the code checks if mode !=
MODE_TRANSPORT to insert to route.
Yes, if IPComp is enabled the actual IPsec SA uses transport mode in the kernel
as the inner IPComp SA
On Fri, Sep 30, 2011 at 8:12 AM, Diego Woitasen di...@woitasen.com.ar wrote:
Hi,
I have the configure below. I don't know why Charon doesn't set the
routes after SA establishment. It's a net-to-net tunnel and works
perfectly for hosts behind the gateway but if I want to connect from
one of
