Hi Graham,
> [ Strongswan is also using the list of allowed subnets to set up ip xfrm
> policies. I'm not sure if I want these or understand them, but I'll leave
> them be until I learn more about xfrm. ]
Based on the older IPsec standards (RFC2401), the Linux kernel does not
support (multiple) a
All,
Having learnt how to provide access to the local subnet when the tunnel is
up, I now want to restrict the list of subnets available through the tunnel.
In other words, I want everything to go OFF-tunnel unless it is in the
supplied list of subnets.
So, I set up a normal tunnel and provide a