I am working my way through a simple example of a road-warrior with certificate authentication, based on https://www.strongswan.org/testing/testresults/ikev2/rw-cert/
By adding a virtual address pool to the server swanctl.conf, similar to the Roadwarrior scenario at https://wiki.strongswan.org/projects/strongswan/wiki/UsableExamples, primary-pool-ipv4 { addrs = 172.16.252.0/24 dns = 8.8.8.8 } and by adding a line to the client swanctl.conf: vips = 0.0.0.0 the server assigns a virtual IP address to the client, 172.16.252.1/32. This can be confirmed with the command: ip a However, nothing is added to the client's route table. The output from the command: ip r does not change. And the client continues to use its regular Internet gateway instead of the tunnel to the server. How do I get the client to send ALL its traffic through the tunnel to the server?
