-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Hello Christian,
I doubt that. A passthrough policy tells the XFRM part of the kernel to *not* do any IPsec processing for the matching packets. That means that it does *not* touch the packets. The *only* thing a passthrough policy in strongSwan does is install passthrough policies into the SPD. > I have a VPN-Gateway with a local subnet of 10.1.13.0/24 and IP 10.1.13.1. > Than this Gateway should > connect with another subnet (10.1.0.0/16) via strongswan. The problem now is > that clients in the local > lan (10.1.13.0/24) should can ping the gateway at 10.1.13.1 but > that is not > working at the moment. > For me it seems to be the passthrough connection… Can you reach the other hosts using DPD? Make sure that your firewall rules don't drop or reject the packets. - -- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQIcBAEBCAAGBQJV6dYpAAoJEDg5KY9j7GZYrvwP/jNFsRWnNFecmLtR1Ek1IE3u AEf8yDnxB9PrmRwCkihlIemgHb2+Nd5hk6K9bJZAa5CKkDO3bG2HOmnlPT62wZDs tFI5VWMK0bi3pReAer4glAivsXl0BpO6qxmasvYVdtmktgY1FxVqhW7hSeSf0yrf lMN6oWMKG2uZeQEApkFabt1u9nHGmkrLfmVT76N5IS3E4a3Q08id0H7lf4qSQnAv gT0l0v1Up8faF2KkV5OnvK9t7VI8VuLv+rJwkuvxdSPxzVR5x2ZAItgOCPTT5yau 0OJDtj2JjCvXrFWWuJPUDkrWaHUpVPYqOrlcmxEz4l/R7RtSkSp6G3IsAH6E8U/9 YqZh382bo4guESsgZdxu6ADdgO9TnAy9tr2eB6AATFQ4xnOJPjL244n87L2wXIPn 9TIeO2Sdm7Q9qh1I8pI9MPV1bIwYS3TskG6Ml4fivwkGTiGrXMGSfMgWldaUm9L+ DjXUdN7wRyc85wJVQ8wygog+epLyDlJI9obimuI9EycHT1937oMih4v1mR3RSBEi 8dwDK5al7nsb7mtNKznaY7iCcDo9qZBEePDmdq/NWm3z7lg2wTJLsBHU0FsopqmC 4aLivmUlQDqVY7iuWnDb3Ny1Rd1GACPKOj4pMh45/3QJ4n+sSh9I3qOlcPbIzPW3 rsacR2wZZ6lV+qBePriM =bA3h -----END PGP SIGNATURE----- _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
