Strongswan configuration to Cisco

view story

http://serverfault.com – We have an issue configuring Strongswan to a Cisco router. The connection is made, but I'm not getting the routing correct. There are multiple networks behind the router on the remote side (operated by a vendor) and we need to snat the IP's we come from to match their assigned range (so it routes back to us). ipsec status shows the connection: 000 "vpn":[]:47/0---[]:47/0===; erouted; eroute owner: #31 000 "vpn": newest ISAKMP SA: #29; newest IPsec SA: #31; 000 000 #31: "vpn" STATE_QUICK_I2 (sent QI2 (HowTos)