[Swan] Making Libreswan host connections go through the tunnel
Bruno de Paula Larini
bruno.larini at riosoft.com.br
Thu Aug 16 12:43:18 UTC 2018
Hi list!
What would be the correct way to make Libreswan host connections go
through the tunnel (considering it isn't its own default gateway, of
course)?
I'm using Libreswan 3.25.
So far I was using this: ip route add <remote_network> via
<own_lan_gateway_ip> dev eth0
Also added it in /etc/sysconfig/network-scripts/route-eth0 (it's a
Fedora 27, kernel 4.17 by the way).
However I noticed that everytime I stop the Libreswan daemon, the static
routes that match the rightsubnets are flushed too.
This doesn't happen on my CentOS 7.4 gateway (kernel 4.1), with
Libreswan 3.20.
Right after a reboot, they also aren't present either.
I always use 'systemctl' to do so. Running only
'/usr/libexec/ipsec/whack --shutdown' also removes them.
Would this be a new expected behaviour? If yes, what would be an
alternative so the localhost connections can also go through the tunnel?
Thanks!
More information about the Swan
mailing list