no-route a.k.a X-CSTP-Split-Exclude configure on ocserv not working with openconnect cli/gui
Daniel Lenski
dlenski at gmail.com
Tue Apr 10 20:03:46 PDT 2018
On Mon, Apr 9, 2018 at 1:37 AM, Kee K Y CHEN <keekychen at gmail.com> wrote:
> Do you mind to check why X-CSTP-Split-Exclude not triggering local
> routing commands rewrite local routing table?
openconnect can read split-exclude subnets for all supported
protocols, and provides them to the routing configuration script
("vpnc-script") in the CISCO_SPLIT_EXC environment variables.
However, the standard vpnc-script script does *not* actually handle
split-exclude variables in any way. Figuring out how to handle
"split-excludes" in a general and cross-platform way is pretty tricky.
See the patches on this thread for more details:
http://lists.infradead.org/pipermail/openconnect-devel/2017-October/004530.html
You might want to test and give feedback on those patches if they work for you.
Dan
More information about the openconnect-devel
mailing list