[Swan] Android VPN not passing any traffic, OSX does work

[Paul Wouters]

On Wed, 8 Mar 2017, Viktor Keremedchiev wrote:

> I’ve adjusted the type to tunnel, although OSX clients work(ed) flawlessly.
>
> I removed marking but there is still no traffic from my android device
>
> Anything else I can try?

I don't know then. It should work fine. Perhaps "ipsec verify" logs a
few warnings ? Could be rp_filter or redirects or anything?

> Also is there a way to push search domains, and NOT just domains (modecfgdomain=)

No. That would be a security issue. However for IKEv2 we are working to
support https://tools.ietf.org/html/draft-pauly-ipsecme-split-dns which
does allow at least to specify multiple domains to forward via the VPN.

Paul