[strongSwan] How to tunnel traffic towards the public IP of the remote gateway?

Tiago Vasconcelos tiago.o.vasconcelos at gmail.com
Thu Apr 16 18:09:54 CEST 2015

My understanding is that only traffic towards the subnets declared in:


is tunnelled and, therefore, encrypted. Whereas traffic towards the IP
address of the remote gateway declared in:


is routed outside of the tunnel.


    Gateway Sun address (WAN-facing):  (fictitious)
    Subnet behind Sun eth1 (LAN-facing):

    Traffic with a destination IP of is tunnelled.
    But SMTP traffic with a destination IP of is not.

In the Cisco world it's apparently possible to tunnel non-IPsec traffic
towards the remote gateway public IP address.
Can strongSwan do this as well?

