[strongSwan] Setup site-to-site VPN via central server

[Tobias Brunner]

Hi Martin,

> There are basically 2 separate questions:
> 1. Do I need to setup ip route on vpn.example.org?

What do you mean?

> 2. What are the right iptables to route traffic from the two home
> networks to each other?

Depends on the existing firewall configuration.  But traffic between the
subnets must be permitted in the FORWARD chain.  strongSwan will install
such rules with leftfirewall=yes.

Regards,
Tobias