[Swan] Making Libreswan host connections go through the tunnel

Nick Howitt nick at howitts.co.uk
Thu Aug 16 13:09:39 UTC 2018


Use the left/rightsourceip - but only relevant at the local end.

On 16/08/2018 13:43, Bruno de Paula Larini wrote:
>
> Hi list!
>
> What would be the correct way to make Libreswan host connections go 
> through the tunnel (considering it isn't its own default gateway, of 
> course)?
> I'm using Libreswan 3.25.
>
> So far I was using this: ip route add <remote_network> via 
> <own_lan_gateway_ip> dev eth0
> Also added it in /etc/sysconfig/network-scripts/route-eth0 (it's a 
> Fedora 27, kernel 4.17 by the way).
>
> However I noticed that everytime I stop the Libreswan daemon, the 
> static routes that match the rightsubnets are flushed too.
> This doesn't happen on my CentOS 7.4 gateway (kernel 4.1), with 
> Libreswan 3.20.
> Right after a reboot, they also aren't present either.
> I always use 'systemctl' to do so. Running only 
> '/usr/libexec/ipsec/whack --shutdown' also removes them.
>
> Would this be a new expected behaviour? If yes, what would be an 
> alternative so the localhost connections can also go through the tunnel?
>
> Thanks!
> _______________________________________________
> Swan mailing list
> Swan at lists.libreswan.org
> https://lists.libreswan.org/mailman/listinfo/swan



More information about the Swan mailing list