Actions
Bug #8628
closed
IPsec VTI - P2 "remote network" field accepts only host address
Start date:
07/10/2018
Due date:
% Done:
0%
Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.4.4
Affected Architecture:
Description
In routed IPsec you can specify "remote network" - but in fact "mask" field is grayed out. You can set only a host (/32) address, what is reflected in routing table:
192.168.152.1 link#7 UH 9 1400 ipsec1000
This setting seems not be useful because we are routing networks, not just hosts across routed ipsec tunnel.
I think there are two options - 1) remove "Local/Remote Network" fields and let do all the routing via assigned VTI interface with separately configured static or dynamic routes.
2) Allow to set static network (not just /32 host) routes under P2
Version - 2.4.4-CE Mon Jul 09 16:03:52 EDT 2018
Updated by
Actions