On 1 June 2016 at 10:16, Patrick Wildt <patr...@blueri.se> wrote: > Hi, > > Currently there is only one address pool which is either v4 or v6. > This means that we cannot have dual-stack VPNs via iked. Clients > then might tunnel all IPv4 traffic, but IPv6 traffic is still using > the non-encrypted default route, which might be a security issue. > To enable dual-stack IKEv2, set up a second address pool which is > specifically for v6. > > Patrick >
Looks alright to me. OK mikeb
