Hi, > Aug 7 12:06:03 A0089-Mint1 charon: 09[CFG] proposing traffic selectors for > other: > Aug 7 12:06:03 A0089-Mint1 charon: 09[CFG] 10.2.0.0/24 > Aug 7 12:06:03 A0089-Mint1 charon: 09[CFG] changing proposed traffic > selectors for other: > Aug 7 12:06:03 A0089-Mint1 charon: 09[CFG] 0.0.0.0/0
The unity plugin widens the traffic selector as initiator, to later dynamically reduce it to what has been negotiated with the Split-Include Unity extension. If the plugin is enabled, this is done on all connections where the Unity Vendor ID has been received, which is likely with Cisco boxes. I've recently pushed a patch [1] which disables that behavior if no Split-Include attribute has been received on the connection. Please try that patch, I think it should fix this issue. Regards Martin [1]http://git.strongswan.org/?p=strongswan.git;a=commitdiff;h=1a62fb0a _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
