Hello,
Just use a passthrough policy, if you use a policy based IPsec tunnel.
Kind regards
Noel
Am 26.09.18 um 22:17 schrieb Phil Frost:
> There are other possible solutions, but my inclination would be to run
> strongswan and any other VPN related services in a distinct network
> namespace.
There are other possible solutions, but my inclination would be to run
strongswan and any other VPN related services in a distinct network
namespace. This would not only address your issue, but it also prevents
accidentally "crossing the streams" between the VPN and other public
networks to which
I've done some searching and am not finding any info on this. We had a client
who wanted to offer a /16 as his right subnet and his outside peer IP of his
ASA fell into the /16 they were offering. With a cisco ASA this is a non issue
as in this type of scenario cisco exempts out that single