On 29.01.2017 22:23, Dusan Ilic wrote: > The following is my Strongswan servers routing table (default routes). > > nexthop via 90.225.x.x dev vlan845 weight 1 > nexthop via 10.248.x.x dev ppp1 weight 256 > nexthop via 85.24.x.x dev vlan847 weight 1 > nexthop via 46.195.x.x dev ppp0 weight 1
Please don't replace IPs with the useless text "nexthop". If you replace them, replace them with values that make sense. > Strongswan listens on vlan847 so that's where the remote access clients are > connecting, and also their internet traffic are going out that interface, > despite ppp1 has the highest priority. Every LAN-client on the Strongswan > network are primarily using ppp1, so the routing do work locally, but not for > the VPN-clients. What's in table 220? The kernel handles the traffic, so it has to obey the routing rules and -tables. Maybe disable the installation of routes in strongSwan.conf, if there are routes in table 220 and you don't need the. Remove parts you don't necessarily need. You need to take a look at your iptables and routing rules, if you use policy based routing. -- Mit freundlichen Grüßen/Kind Regards, Noel Kuntze GPG Key ID: 0x63EC6658 Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
