[strongSwan] Net-to-Net wrong source IP of VPN server.

Lukas Hejmal lukas at hejmal.eu
Mon May 2 10:54:51 CEST 2016

Hello Tobias,

thanks for reply. Route is indeed installed, but it is:

# ip route list table 220 via dev eth0.2  proto static  src

where is locally attached, publicly reachable IP address and is default gw for this public IP address. Therefore it is 
sending all traffic for via internet and all delivery 
fails as it is internal subnet.

I would expect there something like: ...  proto static  src

On 5/2/2016 10:31, Tobias Brunner wrote:
> Hi Lukas,
>> Is there any
>> way(config in ipsec.config file or iptables rule) how can I force VPN_A
>> box to use source IP each time it is sending traffic to
> Appropriate routes should get installed in routing table 220
> automatically (check with `ip route list table 220`).  If hat's not the
> case check the log for errors.
> Regards,
> Tobias

More information about the Users mailing list