[strongSwan] Access to gateway & firewall
martin at strongswan.org
Wed Jan 25 10:04:26 CET 2012
> Problem over here is that when I turn on firewall packets are rejected
> because origin of (decrypted) packets is eth0. Is there any possibility
> to route VPN traffic via dummy0, so firewall will see those as comming
> from dummy0?
I'm not aware of any method to change the interface identifier.
I'd recommend to adjust your firewall rules. Have a look at iptables
ipsec "policy" matching, it is rather powerful. It allows you to match
traffic that comes out of any (or even a specific) IPsec tunnel.
More information about the Users