Hello,
The IPs of the VTI need to correspond to the IPs of the SAs (not the policies).
The exception (0.0.0.0) is described in the wiki article I linked you before.
Kind regards
Noel
On 30.11.2017 02:50, Naveen Neelakanta wrote:
> Hi Noel,
>
> Thanks i got the VTI working after i change the vt
Hi Noel,
Thanks i got the VTI working after i change the vti local and remote
ip to match to the SPD IPs. How ever
Is it possible to configure VTI interface with different Ip other than
the policys.
Working config:
ip tunnel add ipsec0 local 10.24.18.209 remote 10.24.18.35 mode vti okey 32
below
Hi,
Please follow the RouteBasedVPN article[1] to the letter and keep your routes
in the main routing table
to keep it simple. As soon as you have a working setup, THEN you can start
making changes.
Kind regards
Noel
[1] https://wiki.strongswan.org/projects/strongswan/wiki/RouteBasedVPN
On
Hi All,
Need some guidance and help in getting the traffic routed via VTI (
ipsec0 ) interface.I am using the VTI interface to just mark the
traffic and forward.
I am not able to get the traffic forwarding via VTI( ipsec0) interface
and getting the traffic marked, so that it gets protected.
i ha
Hi All,
Need some guidance and help in getting the traffic routed via VTI (
ipsec0 ) interface.I am using the VTI interface to just mark the
traffic and forward.
I am not able to get the traffic forwarding via VTI( ipsec0) interface
and getting the traffic marked, so that it gets protected.
i ha