[strongSwan] understanding openswan
Martin Willi
martin at strongswan.org
Fri Nov 15 09:55:56 CET 2013
> 1) If I create a host-to-net vpn (iOS to Debian) can I make the client
> (iOS) NOT send all the traffic through the VPN? I'd like only the
> communication with certain hosts to be over VPN
To use Split Tunneling with the native iOS IKEv1 client, you'll need the
unity extension. This extension allows you to define a non-0.0.0.0/0
leftsubnet the client has access to. See [1] for details. [2] is
certainly a good read if you are new to IPsec.
Regards
Martin
[1]https://wiki.strongswan.org/projects/strongswan/wiki/UnityPlugin
[2]https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling
More information about the Users
mailing list