Strongswan IPSEC tunnel UP , but can not ping from node to node

mpa · July 10, 2020, 10:55am

changchichung:

routing table

Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         192.168.11.253  0.0.0.0         UG    0      0        0 eth0.2
192.168.11.0    *               255.255.255.0   U     0      0        0 eth0.2
192.168.15.0    *               255.255.255.0   U     0      0        0 br-lan

If you want to see the route for IPsec traffic:

ip route list table 220

However, since ping works now, I believe the routes are OK.

No, this IPsec configuration does not create a new network interface.

Try this: