[Swan] Basic netkey routing issue

Paul Wouters paul at nohats.ca
Wed Mar 14 14:18:18 UTC 2018


On Wed, 14 Mar 2018, Erik Andersson wrote:

> I've set up a simple scenario (following the example described in 
> https://libreswan.org/wiki/Subnet_to_subnet_VPN_with_PSK).
>
> The tunnels are established successfully.

> ping: sendto: Network is unreachable

The problem is that the packet is lost before it hits the IPsec
machinery.

> Please note that I have *not* configured any default gateway on the gateways
> (since the gateways are connected to the same subnet). If I add a default
> gateway, the ICMP traffic flows as expected.

So I guess it would be nice if the updown script could auto-detect that
there is no routing to the remote subnet, and add one in that case.

Tuomo, do you think that can be done safely?

Paul
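
One way to implement the detection suggested above, as an added example that is not part of the original message and is not libreswan's updown script: it decides from `ip -4 route show` output whether any route covers a remote address. The function names and the sample routing table (constructed, with made-up addresses) are assumptions.

```shell
#!/bin/sh
# Added example: decide whether the main routing table covers a remote address.
# Function names are hypothetical; SAMPLE_ROUTES is constructed sample data.

# ip2int A.B.C.D -> prints the address as a 32-bit integer
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# covers PREFIX ADDR -> status 0 if ADDR falls inside PREFIX
# PREFIX is "default", a bare host address, or a.b.c.d/len
covers() (
    prefix=$1 addr=$2 len=32
    [ "$prefix" = default ] && exit 0
    case $prefix in */*) len=${prefix#*/} ;; esac
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "${prefix%/*}") & mask )) -eq $(( $(ip2int "$addr") & mask )) ]
)

# has_route_to ADDR -> reads `ip -4 route show` lines on stdin; status 0 if
# some route covers ADDR. Typed entries (unreachable, blackhole, ...) start
# with a keyword instead of a prefix and are skipped, since they do not forward.
has_route_to() (
    addr=$1
    while read -r prefix rest; do
        case $prefix in
            default|[0-9]*) covers "$prefix" "$addr" && exit 0 ;;
        esac
    done
    exit 1
)

# Constructed sample: a gateway with two connected subnets and no default route.
SAMPLE_ROUTES='192.0.2.0/24 dev eth0 proto kernel scope link src 192.0.2.1
10.0.1.0/24 dev eth1 proto kernel scope link src 10.0.1.1'

# 10.0.2.7 stands in for a host in the remote subnet behind the tunnel.
if printf '%s\n' "$SAMPLE_ROUTES" | has_route_to 10.0.2.7; then
    echo "route exists, nothing to add"
else
    echo "no route to remote subnet, updown hook would add one"
fi
```

On a live gateway the input would come from `ip -4 route show`; `ip route get ADDR` asks the kernel the same question directly.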

