On Wed, 14 Mar 2018, Erik Andersson wrote:
I've set up a simple scenario (following the example described in
https://libreswan.org/wiki/Subnet_to_subnet_VPN_with_PSK).
The tunnels are established successfully.
ping: sendto: Network is unreachable
The problem is that the packet is lost before it hits the IPsec
machinery.
Please note that I have *not* configured any default gateway on the gateways
(since the gateways are connected to the same subnet). If I add default
gateway the icmp traffic flows as expected.
So I guess, it would be nice if the updown script could auto-detect that
there is no routing to the remote subnet, and add one in that case.
Tuomo, do you think that can be done safely?
Paul
_______________________________________________
Swan mailing list
Swan@lists.libreswan.org
https://lists.libreswan.org/mailman/listinfo/swan
