[strongSwan] Tunnel the traffic of router itself

Zesen Qian strongswan-users at riaqn.com
Mon Jan 12 15:23:13 CET 2015


Hello list,
I'm configuring strongSwan with 10.0.0.0/24 === 0.0.0.0/0, and doing a
MASQUERADE on the other side.
By now clients in the LAN (10.0.0.80) can see their traffic being
tunnelled. Now my question is, is there any way to tunnel the traffic of
the router itself? Yes, if I send an IP packet with src=10.0.0.1 then it will
be tunnelled, but consider a packet with src=22.22.22.22, which is the
public IP of my router, it won't be tunnelled?
BTW, I noticed that strongSwan will insert a route table with something
like:
# ip route list table 220
default dev is0  proto static  src 10.0.0.1 
10.0.0.0/24 dev enp0s29f7u2u4  proto static  src 10.0.0.1 

The src field seems to be related to my question, but I was told that it's
only a 'hint' to the local bind() call, and won't have an effect on packets
that already have a src field.

Any comments are appreciated.

-- 
Zesen Qian (钱泽森)

