Re: rp_filter and ip rule break ipsec policy

2008-01-11 Thread Herbert Xu
Marco Berizzi <[EMAIL PROTECTED]> wrote:
>
> When I insert the rule number #601 packets to
> x.y.z.214 aren't eaten by xfrm anymore. This
> happens when rp_filter is set to 1 on eth0.
> Disabling rp_filter on eth0 resolves the problem:
> xfrm eats the packets.
> Is this the expected behaviour? Why shou

rp_filter and ip rule break ipsec policy

2008-01-11 Thread Marco Berizzi
Hello everybody. AFAIK ipsec policies aren't related to routing tables: if there is an ipsec policy to deliver traffic, for example, from 192.168.0.0/16 to 10.0.0.0/8, xfrm will eat the packets ignoring the routing table. Here is the ipsec gateway schema: [-] cisco ISP router default gateway