[Swan] Basic netkey routing issue
Erik Andersson
erik at ingate.com
Thu Mar 15 09:02:50 UTC 2018
On 2018-03-14 15:18, Paul Wouters wrote:
> On Wed, 14 Mar 2018, Erik Andersson wrote:
>
>> I've set up a simple scenario (following the example described in
>> https://libreswan.org/wiki/Subnet_to_subnet_VPN_with_PSK).
>>
>> The tunnels are established successfully.
>
>> ping: sendto: Network is unreachable
>
> The problem is that the packet is lost before it hits the IPsec
> machinery.
>
>> Please note that I have *not* configured any default gateway on the
>> gateways (since the gateways are connected to the same subnet). If I
>> add default gateway the icmp traffic flows as expected.
>
> So I guess, it would be nice if the updown script could auto-detect that
> there is no routing to the remote subnet, and add one in that case.
>
> Tuomo, do you think that can be done safely?
Thank you for the information! Good to know.
/Erik
>
> Paul
More information about the Swan
mailing list