Hi, > Once the tunnel is established, SSH packet is getting encrypted and > is working fine. But if I try to reach the server via any other proto > like ICMP (ping), I'm not getting the reply on the client side.
How does your configuration look like? Do you use a virtual IP assigned to the client? Please be aware that strongSwan installs routes for IPsec tunnels (with IKEv2 in routing table 220). This route does not respect any port information, but addresses only, hence you'll end up with a route covering all traffic to your server. Depending on your setup, this might prevent non-IPsec traffic to get routed properly. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
