Hi Plevin,

>> conn client-1-bypass
>>     left=192.168.0.1
>>     right=192.168.0.2
>>     rightsubnet=192.168.0.2[tcp/5001]
>>     leftfirewall=yes
>>     type=passthrough
>>     authby=secret
>>     auto=add

You configured this like a regular connection (left|right specified, leftfirewall=yes, authby=secret, auto=add). So this might get established like one. Instead you should set at least right to 127.0.0.1 so it won't get used as responder, and configure the traffic selectors via left|rightsubnet (e.g. leftsubnet=192.168.0.1/32, rightsubnet=192.168.0.2/32[tcp/5001]). leftfirewall=yes has no effect here, so if you need firewall rules to allow that traffic you have to install them yourself. And to install the policies when the config is loaded, use auto=route.

Same on the other host:

>> conn server-bypass
>>     right=127.0.0.1
>>     leftsubnet=192.168.0.2/32[tcp/5001]
>>     rightsubnet=0.0.0.0/0
>>     type=passthrough
>>     auto=route

Regards,
Tobias
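A small linter for the points made in the reply above, added here as an example and not code from the message or from strongSwan: it flags type=passthrough conns in ipsec.conf text whose right is not 127.0.0.1, whose auto is not route, that set leftfirewall=yes, or that leave a traffic selector implicit. The function names, finding labels and the client-1-bypass-fixed conn are assumptions, and also= / conn %default inheritance is not resolved.

```python
import re

# Constructed sample: the conn quoted in the message, then a reworked form.
SAMPLE = """\
conn client-1-bypass
    left=192.168.0.1
    right=192.168.0.2
    rightsubnet=192.168.0.2[tcp/5001]
    leftfirewall=yes
    type=passthrough
    authby=secret
    auto=add
conn client-1-bypass-fixed
    right=127.0.0.1
    leftsubnet=192.168.0.1/32
    rightsubnet=192.168.0.2/32[tcp/5001]
    type=passthrough
    auto=route
"""

def parse_conns(text):
    """Return {conn name: {option: value}}; other section types are skipped."""
    conns, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0] not in " \t":  # unindented line: a new section starts
            m = re.match(r"conn\s+(\S+)\s*$", raw)
            current = conns.setdefault(m.group(1), {}) if m else None
        elif current is not None and "=" in raw:
            key, value = raw.split("=", 1)
            current[key.strip()] = value.strip()
    return conns

CHECKS = [  # (finding label, predicate over one conn's options)
    ("right-not-loopback", lambda o: o.get("right") != "127.0.0.1"),
    ("auto-not-route", lambda o: o.get("auto") != "route"),
    ("leftfirewall-ignored", lambda o: o.get("leftfirewall") == "yes"),
    ("selectors-implicit", lambda o: not {"leftsubnet", "rightsubnet"} <= set(o)),
]

def lint_passthrough(text):
    """Return {conn name: [finding, ...]} for every type=passthrough conn."""
    return {name: [label for label, bad in CHECKS if bad(opts)]
            for name, opts in parse_conns(text).items()
            if opts.get("type") == "passthrough"}

if __name__ == "__main__":
    print(lint_passthrough(SAMPLE))
```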
