I forgot to mention that I see the following in the log: Mar 20 17:36:42 zeus charon[4136]: 14[KNL] getting a local address in traffic selector 172.16.48.16/28 Mar 20 17:36:42 zeus charon[4136]: 14[KNL] no local address found in traffic selector 172.16.48.16/28
On 20 March 2015 at 17:48, Bas van Dijk <[email protected]> wrote: > Hi Tobias, > > Sorry for the late reply. > > It seems my strongswan doesn't setup the route since `ip route list > table 220` doesn't show anything. I think I'm suffering from bug: > https://wiki.strongswan.org/issues/197. > > As a work-around I will try to manually add the route: > > 10.180.0.0/16 via <default GW> dev eth0 proto static src 172.16.48.16 > > Cheers, > > Bas > > On 18 February 2015 at 17:03, Tobias Brunner <[email protected]> wrote: >> Hi Bas, >> >>> So am I right that the only thing left to do is configure my system so >>> that packets to hosts on the 10.180.0.0/24 subnet appear to come from >>> a host on the 172.16.48.16/28 subnet? >>> >>> To accomplish this I already added the additional IP address >>> 172.16.48.16 to my NIC (besides the DHCP configured 192.168.42.162). >>> >>> What's the next step? Do I need to add a route or some iptables rule? >> >> strongSwan should find the address you added to the NIC and install an >> appropriate route to routing table 220 automatically. You may check >> with `ip route list table 220`. This route will look similar to this: >> >> 10.180.0.0/16 via <default GW> dev eth0 proto static src 172.16.48.16 >> >> This should force 172.16.48.16 as source address for packets sent to >> hosts in 10.180.0.0/16. (Depending on how the other peer is configured >> you might want to try a different IP from your source subnet e.g. .17, >> because .16 is the network ID, while .31 is the broadcast address). >> >> Regards, >> Tobias >> _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
