Hi,
I have the following conf:
config setup
protostack=netkey
plutodebug=none
listen=199.x.y.166
conn conn_vpn
authby=secret
left=199.x.y.166
right=199.x.y.159
ike=aes256-sha1;modp1024
phase2alg=aes256-sha1;modp1024
ikelifetime=28800s
salifetime=3600s
leftsubnet=0.0.0.0/0
rightsubnet=0.0.0.0/0
type=tunnel
mark=5/0xffffffff
vti-interface=vti01
vti-routing=no
vti-shared=yes
auto=start
leftvti=10.100.0.1/16
the other end is similar with leftvti=10.200.0.1/16.
The VPN can be established successfully. However, I don't see the leftvti
take effect. I was expecting I can ping 10.100.0.1 from the other end. Is
this what we should expected? How to correctly config leftvti?
In the help page, it has this example:
# If you run a subnet with BGP (quagga) daemons over IPsec, you
can configure the VTI interface
leftvti=10.0.1.1/24
my subnets do not have BGP daemons running.
Thanks,
Xinwei
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
