Hello Eric,
> 01[KNL] creating acquire job for policy
> fc00:2518::221:9bff:fe98:854b/128[udp/60525] ===
> fc00:2518::10:125:56:9/128[udp/1025] with reqid {10}
If your policy triggering the tunnel covers all traffic, of course any
ICMP messages are covered by this policy, too. So the name resolution
won't work, and the tunnel can't be established.
Try to install a passthrough policy using the "type" ipsec.conf option
(requires strongSwan 4.5.3 if you want to do this with charon). You can
limit this policy to ICMPv6 and the required types using
left/rightprotoport options.
Regards
Martin
_______________________________________________
Users mailing list
[email protected]
https://lists.strongswan.org/mailman/listinfo/users
