Hi Dirk, > With active "Use default gateway on remote network" option, windows > seems to use my default internet connection as default gateway, so that > traffic is not encrypted.
How did you test that? What hosts did try to access? > I'll attach the routing table: > The local router is always placed first in the table. The order doesn't matter. The metric is the important bit. The default route installed when the VPN connection is established has a way lower metric than the updated previous default route: > Netzwerkziel Netzwerkmaske Gateway Schnittstelle Metrik > > 0.0.0.0 0.0.0.0 192.168.1.1 192.168.1.137 4250 > > 0.0.0.0 0.0.0.0 Auf Verbindung 10.1.1.21 26 So most traffic should actually be routed via VPN. An exception is traffic into your local LAN (192.168.1.0/24) for which a separate route is installed. Regards, Tobias _______________________________________________ Users mailing list Users@lists.strongswan.org https://lists.strongswan.org/mailman/listinfo/users