Hello, Apologize for the huge delay but I had many things going on. I will try to restart my environment in a few days. I will paste the Cisco config + the Strongswan side. I'm sure it can be useful for someone.
Regards Date: Fri, 19 Dec 2014 15:37:32 +0100 From: [email protected] To: [email protected] Subject: Re: [strongSwan] Strongswan using VTI - got it working! Hi! It would be wonderful if you could document your setup in an email to the list, inluding kernel version. I would even create an Wiki Article for it, if it's allowed. Kind regards, André Am 19.12.2014 um 15:11 schrieb Olivier PELERIN: Thanks Martin! Quick question, If I understand you well, it's a global setting. Are you planning to add a knob under the conn itself? It would be nice to be able to control it per conn. Regards, Olivier > Subject: Re: [strongSwan] Strongswan using VTI - got it working! > From: [email protected] > To: [email protected] > CC: [email protected]; [email protected]; [email protected] > Date: Fri, 19 Dec 2014 15:07:09 +0100 > > > > Question: what is the use of that table 220? Do we have a CLI to avoid > > Strongswan installing that route? It's not necessary in case of VTI. > > strongSwan installs routes for negotiated policies to a dedicated > routing table mainly for two reasons: > * Avoid any conflicts with the main routing table, for example > with the default route > * Ignore routes from this table when doing route lookups for IKE > traffic; IKE packets should always bypass the tunnel. > > To disable automatic route installation, set the install_routes option > to no in the strongswan.conf "charon" section. The routing_table and > routing_table_prio options allow you to customize installation of > routes. > > Regards > Martin > _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users Mit freundlichen Grüßen André Valentin Systemadministrator -- MarcanT GmbH, Ravensberger Str. 10 G, D - 33602 Bielefeld Fon: +49 (521) 95945-0 | Fax: +49 (521) 95945-18 URL: http://www.marcant.net | http://www.global-m2m.com Internet * Netzwerk * Mobile Daten Citrix Silver Solution Advisor Geschäftsführer: Thorsten Hojas Handelsregister: AG Bielefeld, HRB 35827 USt-ID Nr.: DE 190203238 ___________________________________________________________ Ausserhalb unserer Geschäftszeiten (Montag bis Freitag von 8:30 Uhr bis 17:30 Uhr, ausgenommen gesetzliche Feiertage in NRW) stehen wir Ihnen gemäß Ihrer jeweiligen Service-Level-Agreements unter der Ihnen mitgeteilten Telefonnummer für Störungen und Notfälle zur Verfügung. Sie können natürlich auch gerne jederzeit unter [email protected] ein Ticket eröffnen, welches am nächsten Arbeitstag bearbeitet wird. _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
