Hi, > conn to-WORLD-unless-HOST1and2
There is no way to exclude specific hosts from a TS. But if you have multiple tunnels, more specific ones match with a higher priority. > rightsubnet=0.0.0.0/0 includes all traffic. If a another tunnel is up to a specific IP, that policy should have a higher priority and it is used for this target address. Regards Martin _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
