On Tue, 13 Feb 2024, Phil Nightowl wrote:
conn headq left=%defaultroute leftcert=remotehost1 leftid=%fromcert right=198.51.100.33 rightid=%fromcert leftsubnet=0.0.0.0/0 rightsubnet=0.0.0.0/0
What are you trying to do here? Where does 0.0.0.0/0 live? It cannot live at both sides of the tunnel. Where would a packet for 1.2.3.4 need to go? To left or to right? Are you trying to make a route based VPN without using an ipsec interface? Paul _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
