Hi Lejeczek,
> I do not see, not on the server nor on initiator, any tun
> devices created, unless an 'ipsec0' is such one iface. It's
> the only iface I see made by strongswan's libipsec.
Device names are arbitrary and thus not useful for identifying the type of
interface.
the ipsec0 device is
Hello Lejeczek,
kernel-libipsec (which is required to be loaded for libipsec to be usable)
creates a tun interface itself. You can not prescribe it to use one.
> mode = pass
That disables all IPsec processing for traffic that matches the policies. You
probably don't want to do that.
On 05/11/2020 17:19, Noel Kuntze wrote:
> Hello Lejeczek,
>
> kernel-libipsec (which is required to be loaded for libipsec to be usable)
> creates a tun interface itself. You can not prescribe it to use one.
I do not see, not on the server nor on initiator, any tun
devices created, unless an