Hello! I will create a VPN based on Strongswan. The IP-Range of the VPN is 172.16.0.0/22. No I have separate this big IP-Range in smaller range with the netmask /29 like that;
172.16.0.0/29 ==== Central VPN Gateway ==== 172.16.0.8/29 || 172.16.0.16/29 and so on... Now when I start the ipsec connection, Strongwan routes the local network packages through the ipsec tunnel. I think the problem is that the leftsubnet is a part of the rightsubnet. Is there a way to do that with the routing table or so? I use a analog solution with openswan - that works. regards Andreas Ascheneller _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users