[strongSwan] rightsubnet=0.0.0.0/0 ???
Florin Andrei
florin at andrei.myip.org
Tue May 5 03:05:48 CEST 2015

Looking to create an IPsec tunnel between strongSwan and a Cisco 72xx
box. The remote end has a large set of fragmented subnets behind the
firewall. Maintaining that long list would be difficult. I want to
basically push all outbound traffic through the VPN. What's the best way to
accomplish that?

I'm thinking to do something like:

leftsubnet=localnet/24
rightsubnet=0.0.0.0/0

Am I correct to assume this would push all outbound traffic through the
VPN tunnel?

However, what will happen to the default route on the VPN machine? Will
the tunnel work correctly with that rightsubnet?

Also, I assume I will not be able to ssh into the VPN machine except
from the localnet, is that right?

--
Florin Andrei
http://florin.myip.org/