Bug #9036
closed
The bypasslan feature should be configurable for any interface.
0%
Description
In StrongSwan, the bypasslan feature is configurable for any interface.
However, in pfsense we are limited to only the interface labeled LAN.
This will force us to use route VTI, which we really don't want to use as:
1. Strongswan lists routevti and bypasslan as incompatible
2. We don't want to have to start carving out /30 subnets to make route based VPNs to work.
Please make bypasslan configurable for any interface.
Note: This seems to say bypasslan and route based lans are incompatible. Is this true for the pfsense implementation?
https://wiki.strongswan.org/projects/strongswan/wiki/Bypass-lan
Updated by Jim Pingle about 6 years ago
- Status changed from New to Duplicate
Duplicate of #5826
Please post questions on the forum before opening issues, this isn't a site for discussion and support.
Updated by NCATS LAB about 6 years ago
Thank-you, it is not easy to find the correct/applicable entries in the forum.
I am not attempting dialogue so much as requesting udpates/changes.
1. Please make bypass LAN configurable for every interface.
2. Please provide documentation in the manual for the bypasslan/"route based VPN" incompatibility, if what I read on the StrongSwan site follows to PFSense.
Updated by NCATS LAB about 6 years ago
I see this was changed to Duplicate
Can we change it to feature request?
Updated by Jim Pingle about 6 years ago
It is a duplicate of issue #5826 which covers the same request.