[strongSwan] policy based routing

Balázs Keresztury rek_lama at freemail.hu
Thu Nov 5 11:43:14 CET 2015


I'm using Linux strongSwan U5.1.2/K3.19.0-32-generic on Ubuntu 14.04LTS and having some trouble tuning policy based routing. 

I have two ethernet interfaces on two different subnet. 
- eth0: VLAN33
- eth1: VLAN2 

strongSwan assigns virtual IPs to road warrior clients from VLAN2. My goal is to accept connections on VLAN33, but to route every client traffic through eth1. 

Connection initiates correctly, traffic flows almost as it should. The main problem is that some of the traffic goes through eth0, and I don't know why. I have used tcpdump to analyze traffic.


Here are some config files:

Am I missing anything?

More information about the Users mailing list