I read it over, and it looks like I can specify pass policies for certain networks.. Problem is, I want all of 0.0.0.0/0 to send from my laptop to my vpn server and across the internet, except that I want whatever the subnet of the laptop is to be handled locally (it's usually an arbitrary /24 or /22, and there's no way to know what it will be.
On 8/24/2011 9:16 PM, Andreas Steffen wrote: > Hello, > > you can do this with strongswan-4.5.3 by defining a pass shunt policy > for the local net as shown in the following example scenario: > > http://www.strongswan.org/uml/testresults/ikev2/shunt-policies/ > > Regards > > Andreas > > On 08/25/2011 02:34 AM, Christ Schlacta wrote: >> is it possible to configure Strongswan + IKEv2 using charon as per usual >> in roadwarrior mode to specify that the networks to be accessible across >> the IKEv2 tunnel are to be ALL networks except the right hand subnet as >> it is known to the right side at the point in time of connection? I >> connect from numerous networks, and would like to be able to browse the >> local network with all traffic beyond the current subnet being sent >> along the VPN. > ====================================================================== > Andreas Steffen [email protected] > strongSwan - the Linux VPN Solution! www.strongswan.org > Institute for Internet Technologies and Applications > University of Applied Sciences Rapperswil > CH-8640 Rapperswil (Switzerland) > ===========================================================[ITA-HSR]== _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
