[strongSwan] Access to gateway & firewall

Martin Willi martin at strongswan.org
Wed Jan 25 10:04:26 CET 2012


Hello Radek,

> Problem over here is that when I turn on firewall packets are rejected 
> because origin of (decrypted) packets is eth0. Is there any possibility 
> to route VPN traffic via dummy0, so firewall will see those as coming 
> from dummy0?

I'm not aware of any method to change the interface identifier.

I'd recommend adjusting your firewall rules. Have a look at iptables
ipsec "policy" matching, it is rather powerful. It allows you to match
traffic that comes out of any (or even a specific) IPsec tunnel.

Regards
Martin
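
Added example, not part of the original message: the iptables "policy" match recommended above, written as a shell function that prints an iptables-restore ruleset and applies nothing. The interface eth0 comes from the thread; the VPN subnet 10.1.0.0/16 and the peer address 198.51.100.7 are constructed placeholders.

```shell
#!/bin/sh
# Added example: prints a ruleset for review; pipe it to iptables-restore
# yourself once the values fit your setup.
# Assumptions (constructed values): VPN_NET is the remote subnet behind the
# tunnel, PEER is the outer address of one specific IPsec peer.
WAN_IF="${WAN_IF:-eth0}"
VPN_NET="${VPN_NET:-10.1.0.0/16}"
PEER="${PEER:-198.51.100.7}"

ipsec_filter_rules() {
    cat <<EOF
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
# Plaintext packets claiming a VPN source address never went through IPsec
-A INPUT -i $WAN_IF -s $VPN_NET -m policy --dir in --pol none -j DROP
-A FORWARD -i $WAN_IF -s $VPN_NET -m policy --dir in --pol none -j DROP
-A INPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
# IKE, NAT-T and ESP reach the gateway unprotected on the outside interface
-A INPUT -i $WAN_IF -p udp -m multiport --dports 500,4500 -j ACCEPT
-A INPUT -i $WAN_IF -p esp -j ACCEPT
# Decrypted packets still show $WAN_IF as input interface, so match on the
# IPsec policy they were decapsulated under (any tunnel)
-A INPUT -i $WAN_IF -s $VPN_NET -m policy --dir in --pol ipsec -j ACCEPT
# Forwarding only for traffic from one specific tunnel, chosen by outer source
-A FORWARD -i $WAN_IF -s $VPN_NET -m policy --dir in --pol ipsec --mode tunnel --tunnel-src $PEER -j ACCEPT
# Outbound packets that will be encapsulated by an IPsec policy
-A FORWARD -o $WAN_IF -d $VPN_NET -m policy --dir out --pol ipsec -j ACCEPT
COMMIT
EOF
}

ipsec_filter_rules
```

The "--pol none" rules sit ahead of the accepts so that unencrypted packets with a spoofed VPN source address are dropped before any other rule can pass them.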
