[Swan] Making Libreswan host connections go through the tunnel
Nick Howitt
nick at howitts.co.uk
Thu Aug 16 13:09:39 UTC 2018
Use the left/rightsourceip - but only relevant at the local end.
On 16/08/2018 13:43, Bruno de Paula Larini wrote:
>
> Hi list!
>
> What would be the correct way to make Libreswan host connections go
> through the tunnel (considering it isn't its own default gateway, of
> course)?
> I'm using Libreswan 3.25.
>
> So far I was using this: ip route add <remote_network> via
> <own_lan_gateway_ip> dev eth0
> Also added it in /etc/sysconfig/network-scripts/route-eth0 (it's a
> Fedora 27, kernel 4.17 by the way).
>
> However I noticed that everytime I stop the Libreswan daemon, the
> static routes that match the rightsubnets are flushed too.
> This doesn't happen on my CentOS 7.4 gateway (kernel 4.1), with
> Libreswan 3.20.
> Right after a reboot, they also aren't present either.
> I always use 'systemctl' to do so. Running only
> '/usr/libexec/ipsec/whack --shutdown' also removes them.
>
> Would this be a new expected behaviour? If yes, what would be an
> alternative so the localhost connections can also go through the tunnel?
>
> Thanks!
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan
More information about the Swan
mailing list