[strongSwan] Filtering decap'd traffic on the strongswan GW

Tobias Brunner tobias at strongswan.org
Wed Apr 20 15:40:07 CEST 2016

Hi Eric,

> There are FORWARDing rules in place installed by strongswan for ipsec
> for the two respective subnets.

Doesn't this already answer your question?

> Which chain, if any, would handle filtering th deencapsulated traffic
> from the tunnel going out from the gateway to the left subnet?


More information about the Users mailing list