Re: [strongSwan] Windows 7 IKEv2 problems

Wed, 28 Jul 2010 14:34:52 -0700 

Hello,

Kevin Clark <kevin.cl...@...> writes:
> The second and more troubling problem is to do with the routes that Windows 
> creates to support the subnet
> behind the VPN gateway.  I only want packets destined for the remote subnet 
> to go across the VPN.  If I enable
> "Use default gateway on remote network" everything gets routed through the 
> VPN which I don't want.   I've
> have disabled this option and left "class based route addition" enabled but 
> then all I get are routes
> supporting the virtual IP address, not the subnet behind the VPN gateway.  
> You may well say that this is a
> Windows issue but I hope that there's some parameter missing from my config 
> that will fix this.
>
> IPv4 Route Table [ class based route addition ]
> ====================
> Active Routes:
> Network Destination        Netmask          Gateway       Interface  Metric
>           0.0.0.0          0.0.0.0     192.168.25.1    192.168.25.10     10
>         127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
>         127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
>   127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
>       192.168.7.0    255.255.255.0         On-link       192.168.7.2     11
>       192.168.7.2  255.255.255.255         On-link       192.168.7.2    266   
> <---- the assigned virtual
>     192.168.7.255  255.255.255.255         On-link       192.168.7.2    266
>
> IPv4 Route Table [ default route enabled ]
> ====================
> Active Routes:
> Network Destination        Netmask          Gateway       Interface  Metric
>           0.0.0.0          0.0.0.0     192.168.25.1    192.168.25.10   4235
>           0.0.0.0          0.0.0.0         On-link       192.168.7.3     11   
> <---- everything shoved down the VPN
>         127.0.0.0        255.0.0.0         On-link         127.0.0.1   4531
>         127.0.0.1  255.255.255.255         On-link         127.0.0.1   4531
>   127.255.255.255  255.255.255.255         On-link         127.0.0.1   4531
>       192.168.7.3  255.255.255.255         On-link       192.168.7.3    266

I just encountered the same problem, albeit with Windows 2k8 R2; my
configuration is identical to yours (minus EAP).
Did you find any solution to this problem?
In the end I disabled "Use default gateway on remote network" and
resorted to a static route on Win, so that the traffic for the LAN is
sent to the VPN...

L

_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users

Reply via email to