Hello,

I have the following setup with 4.6.4 and charons:

    client--gateway1----gateway2---services

So, there is a site2site connection between gateway1 (gw1) and 2 (gw2). In gw1, ipsec.conf has:

    leftsubnet=client-subnet/24
    rightsubnet=service-subnet/24

With this setup, gw1 creates routing table 220 with contents:

    # ip route show table 220
    service-subnet/24 via gw1-default-gw dev eth0 proto static src gw1-eth0-address

and this works okay.

But the problem is when I would like to negotiate a traffic selector with 0.0.0.0/0, so in gw1, ipsec.conf has:

    leftsubnet=client-subnet/24
    rightsubnet=0.0.0.0/0

Now, gw1 negotiates traffic fine, but no ESP ever leaves the gw1. Gw1 creates routing table 220 with contents:

    default via gw1-default-gw dev eth0 proto static src gw1-eth0-address

If I delete this routing table, traffic starts to work.

My questions are: Why are these routes created? Can I prevent the creation of routes with some option, and can it cause problems?

Best Regards,
Kimmo
