[strongSwan] How to set local_ts to exclude one special ip in a subnet?
I have read the wiki about swanctl.conf, but have not found a good solution. e.g. I have a subnet 172.22.0.0/16, and a special ip 172.22.22.22 who does not want to run into ipsec tunnel. Does StrongSwan support '-'? like this: local_ts = 172.22.0.1-172.22.22.21,172.22.22.23-172.22.255.255 Is there any easy way? Thx~
Re: [strongSwan] How to set local_ts to exclude one special ip in a subnet?
Hi, > Is there any easy way? Define a passthrough policy for that IP (mode=pass). Regards, Tobias
[strongSwan] How to set local_ts to exclude one special ip in a subnet?
I have read the wiki about swanctl.conf, but have not found a good solution. e.g. I have a subnet 172.22.0.0/16, and a special ip 172.22.22.22 who does not want to run into ipsec tunnel. Does StrongSwan support '-'? like this: local_ts = 172.22.0.1-172.22.22.21,172.22.22.23-172.22.255.255 Is there any easy way? Thx~