Hi What is your pretense? Charon does not manage VTI devices. You as administrator need to manage them. Either manually or via scripts. It also does not make sense to have them managed by the keying daemon, because the common use case for them is to connect static sites and use dynamic routing over the tunnel. Furthermore, you shouldn't use config mode or request VIPs at all, because they serve no purpose in site-to-site scenarios. Neither on the initiator, nor on the responder.
Kind regards Noel On 12.10.2017 17:18, Cao, Jean wrote: > > Hi: > > > > We are trying to configure a Route-based VPN using the instruction and > example script here: > https://wiki.strongswan.org/projects/strongswan/wiki/RouteBasedVPN > > > > We have had the vti interface created, but the ${PLUTO_MY_SOURCEIP} is empty. > Therefore, no IP address is attached to the vti. Can anyone provide any > tips? > > > > Thanks! > > Jean >
signature.asc
Description: OpenPGP digital signature
