On Wed, 8 Mar 2017, Viktor Keremedchiev wrote:
I’ve adjusted the type to tunnel, although OSX clients work(ed) flawlessly.
I removed marking but there is still no traffic from my android device
Anything else I can try?
I don't know then. It should work fine. Perhaps "ipsec verify" logs a
few warnings ? Could be rp_filter or redirects or anything?
Also is there a way to push search domains, and NOT just domains
(modecfgdomain=)
No. That would be a security issue. However for IKEv2 we are working to
support https://tools.ietf.org/html/draft-pauly-ipsecme-split-dns which
does allow at least to specify multiple domains to forward via the VPN.
Paul
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
