[Swan-dev] Opportunistic IPSec with wide clear policy issue
Kirill Logachev
logachev.k at gmail.com
Wed Nov 21 08:50:02 UTC 2018
Thanks for fixing the docs!
Yes, not specifying 0/0 in clear fixes the problem.
Priorities for the OE still seems a little confusing, probably some
documentation around it would be helpful.
Please let me know if I can help with it.
Kirill.
On Tue, Nov 20, 2018 at 7:42 AM Paul Wouters <paul at nohats.ca> wrote:
> On Thu, 15 Nov 2018, Kirill Logachev wrote:
>
> > Thank you for the confirmation!
> > We were following an example from here:
> https://libreswan.org/wiki/HOWTO:_Opportunistic_IPsec (3.3 Assign
> > networks).
>
> Thanks, I fixed the documentation.
>
> > Without the priority override it defaults to clear for all connections,
> so priority was just an attempt to
> > find a workaround (other than not to specify 0/0)
>
> So not specifying a 0/0 in clear and not using any priority fixed your
> issue?
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan-dev/attachments/20181121/72e0a923/attachment.html>
More information about the Swan-dev
mailing list