> Maybe you misunderstood - I am just talking about a couple of lines in > ipsec.conf to setup the bypass flow, but still use iked for the > actual vpn connection.
I should have added that may not be the best idea but I was/am trying rdomain for this, (having the bypass in rdomain 1 as an idea) not being successful yet at having a rdomain working to know the answer to this at this time, I was/am trying to find out if iked address space that it interact on is ONLY what would it normally be seen in the rdomain 0 or not. Is that the case and safe to assume that what ever address space you have in other rdomain, when iked have flow configure what ever they might be, will not interact with the table of other rdomain unless specifically sent there (rdomain 0) by pf or by route added specifically to that effect in the routing table? In other words are the flow of iked or when you do the ipsecctl -sf They will affect ONLY the space normally in rdomain 0 or any/all of them regardless of their rdomain space?
