[Swan] Various problems with VTI on Gentoo (with Cisco IOS as a client)

Paul Wouters paul at nohats.ca
Tue Sep 27 23:50:02 UTC 2016


On Tue, 27 Sep 2016, Nick Howitt wrote:

> Following this thread, wouldn't it be better to have Libreswan ignore any 
> non-compatible settings when vti-routing=no, and perhaps log warnings when 
> the conn is loaded, rather than rely on a note on the wiki which is liable to 
> get overlooked?

Yes, the wiki page should not be the only place of such information.

For mtu= we can detect VTI is being used and instead just set the mtu of
the vti interface.

I am thinking that perhaps we should disallow leftsourceip/rightsourceip
when vti-interface is used? But I wouldn't want to limit options if there
are good use cases for this. So I'd rather leave it open for now and
see.

Paul

