On Wed, 14 Jun 2017, Evan Wheeler wrote:
I tried using right=%opportunisticgroup per your suggestion and indeed negotiationshunt=passthrough and failureshunt=passthrough seem to work as expected. Would you like me to create a new bugzilla entry? I am not sure which sub-component is affected.
Yes please file a bugzilla item for this under "pluto-generic".
Actually I have a situation where I need multiple static VPN tunnels to "fail open". The failureshunt and negotiationshunt features would be very useful in certain mission-critical or safety-critical situations where having the data link go down has far greater consequences than losing confidentiality or authentication. For example, medical patient monitoring applications or avionics applications, etc. For that reason I would really like to be able to use these two options in non-OE configurations.
I understand case :) Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
