On Mon, 17 Apr 2017, Antonio Silva wrote:
Correcting if i'm wrong, but digging a litle more, there won't be any mac associated with the ip/vpn client, so there is no arp entry in the server, even with proxy-arp enabled the lan devices will never be able to reach the vpn client.. because not arp will be found in the server. So i always have to set a different network, like in the 2) setup, no?
proxy arp fixes that. The linux/libreswan serer will use its own MAC for all IP addresses it handed out to the clients. Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
