yes, my bad, i remove my custom updown script and is working ok.
In my case i only set leftsourceip=<lan gateway ip>, no need to set
proxy_arp = 1.
Thanks again for point me the right direction!!
Saludos / Regards / Cumprimentos,
António silva
On 04/18/2017 05:57 PM, Tuomo Soini wrote:
On Tue, 18 Apr 2017 17:14:34 +0200
Antonio Silva <[email protected]> wrote:
Sorry, i reply to soon... actually the only option that work was
leftupdown="ipsec _updown.netkey --route yes" .
the leftsourceip work because of route caching because of previous
test with leftupdown command, but after rebooting the server with
this option set no traffic to lan addresses.
Also note you can not expect leftsourceip= to work if you change to
non-default updown script.
_______________________________________________
Swan mailing list
[email protected]
https://lists.libreswan.org/mailman/listinfo/swan
