[strongSwan] Setup site-to-site VPN via central server
Martin Sand
dborn at gmx.net
Fri Jul 8 23:18:36 CEST 2016
Hi all. I am searching the internet for days to find some information on
how to setup a site-to-site VPN via a central server.
Maybe someone can point me in the right direction or to the right HowTo?
We have two home networks running on OpenWRT routers with dynamic IPs
and I have a virtual server on the internet with Strongswan.
Authentication is done via Certs/Keys.
192.168.0.0/24 -- 192.168.0.1 (gateway/nat) == vpn.example.org ==
192.168.2.1 (gateway/nat)-- 192.168.2.0/24
vpn.example.org has a static ip address and a network card.
There are basically 2 separate questions:
1. Do I need to setup ip route on vpn.example.org?
2. What are the right iptables to route traffic from the two home
networks to each other?
Maybe there are other solutions for this problem.
But since I did not find so many solutions on the Internet I am
particular interested in this solution.
Alternatively I could use DynDNS on both gateways, but this would be too
easy, wouldn't it?
Best regards
Martin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160708/9c468697/attachment.html>
More information about the Users
mailing list