Your reply reminded me that I added a dns to strongswan.conf. After removing it, it’s gone.
Thank you very much and happy new year. > On 3 Jan 2018, at 9:55 PM, Noel Kuntze > <[email protected]> wrote: > > Hi, > > It doesn't do that. That's caused by something else. > How do you test this? > > Kind regards > > Noel > > On 03.01.2018 14:53, Glen Huang wrote: >> Hi, >> >> I have this simple swanctl.conf >> >> connections { >> vpn { >> version = 2 >> pools = ios_pool >> local-psk { >> auth = psk >> } >> local-pubkey { >> auth = pubkey >> pubkeys = vpn.pem >> } >> children { >> home { >> local_ts = 0.0.0.0/0 >> } >> } >> } >> } >> >> pools { >> ios_pool { >> addrs = 192.168.37.0/24 >> dns = 8.8.8.8,8.8.4.4 >> } >> } >> >> secrets { >> ike-ios { >> secret = aaa >> } >> } >> >> I expect a connected client to have 8.8.8.8 and 8.8.4.4 as dns, but it >> actually also contains 127.0.0.1 in addition to the two. I wonder if it’s by >> design? How can I ask charon not to send the unspecified 127.0.0.1 dns? >> >> Regards >> Glen >> >
