[strongSwan] Split tunneling with Strongswan 5.x
kgardenia42 at googlemail.com
Wed Nov 14 17:58:04 CET 2012
If I wanted to *only* tunnel traffic destined for (say) 172.16.32.0/24
but wanted the (IOS based, IKEv1) clients to send everything else
direct (not via the VPN tunnel). (I believe this is called
split-tunneling but maybe that is not correct).
It seems that the mechanics of that should be to push out a route to
the client which it should tunnel data destined for. I have read the
manual and am wondering if "rightsubnet" serves this purpose?
Currently I have this set to 0.0.0.0/0 for my config.
Am I on the right track with rightsubnet or otherwise how should i go
about this? I just need some rough pointers. Or do I need a plugin
More information about the Users