Thanks Martin! Quick question, If I understand you well, it's a global setting. Are you planning to add a knob under the conn itself? It would be nice to be able to control it per conn.
Regards, Olivier > Subject: Re: [strongSwan] Strongswan using VTI - got it working! > From: [email protected] > To: [email protected] > CC: [email protected]; [email protected]; [email protected] > Date: Fri, 19 Dec 2014 15:07:09 +0100 > > > > Question: what is the use of that table 220? Do we have a CLI to avoid > > Strongswan installing that route? It's not necessary in case of VTI. > > strongSwan installs routes for negotiated policies to a dedicated > routing table mainly for two reasons: > * Avoid any conflicts with the main routing table, for example > with the default route > * Ignore routes from this table when doing route lookups for IKE > traffic; IKE packets should always bypass the tunnel. > > To disable automatic route installation, set the install_routes option > to no in the strongswan.conf "charon" section. The routing_table and > routing_table_prio options allow you to customize installation of > routes. > > Regards > Martin >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
