Hello Daniel, I have replace the "right= a.b.c.d" with the valid IP-Addr. from the VPN Gateway.
Thanks, for your help ;-)) Andreas -----Ursprüngliche Nachricht----- Von: Daniel Mentz [mailto:danielml+mailinglists.strongs...@sent.com] Gesendet: Samstag, 4. Juli 2009 16:13 An: users@lists.strongswan.org Cc: Andreas Ascheneller Betreff: Re: [strongSwan] Ipsec routing / policy when leftside is part of rideside network Andreas Ascheneller wrote: > So now it works ;-) Great! > I have done the following steps; > > 1.) I have add your "conn" to my ipsec.conf. > conn pass > leftsubnet=172.16.0.16/29 > rightsubnet=172.16.0.16/29 > left=%defaultroute > right=a.b.c.d > type=passthrough > authby=never > auto=route I meant that you replace "right=a.b.c.d" by some valid IP address. Although "right=" should not be required for this kind of passthrough connection. Strongswan still requires it though. The error message is "cannot route Road Warrior template" if you leave out "right=". @strongSwan core team: Do we really need "right=" for this type of connection. It shouldn't be required because there's no remote peer. Thanks Daniel > > 2.) I have add routing entries, see the console output under > http://www.strongswan.org/uml/testresults42/ikev1/passthrough/console.log > ip rule add pref 50 table 50 > ip route add 172.16.0.16/29 via 172.16.0.17 table 50 > > Now when I start ipsec, the ping on the local network works! _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users
