[strongSwan] Roadwarrior: automatically add SNAT rules for bridged VMs/Docker containers?
Richard Chan
richard at treeboxsolutions.com
Sat Nov 5 04:20:16 CET 2016
1. Roadwarrior scenario ikev2/rw-cert 'carol'. carol has a bridged network
for VMs and Docker containers. I would like the roadwarrior to SNAT the VM
network to 'moon' (same rightsubnet) automatically when the tunnel is up.
I do not want to expose the bridged network to the central site (i.e. not
site2site). Anyway, the bridged network subnet is up to the roadwarrior to
choose.
2. So after connection 'home' is up:
ip ro sho table 220
10.1.1.0/24 via 192.168.1.1 dev eth0 proto static src 10.2.0.1
With bridged network 192.168.122.0/24 on carol, I need the following rule:
iptables -t nat -I POSTROUTING -j SNAT -s 192.168.122.0/24 -d 10.1.1.0/24 --to-source 10.2.0.1
where I need to extract rightsubnet and the leftsourceip somehow.
Any suggestions?
--
Richard Chan
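
Added example, not part of the original post and not strongSwan's own code: an updown hook that builds the SNAT rule from the environment strongSwan passes to updown scripts (PLUTO_VERB, PLUTO_PEER_CLIENT for the negotiated remote subnet, PLUTO_MY_SOURCEIP for the assigned virtual IP), validating each value before it reaches iptables. The script path and the BRIDGE_NET variable are assumptions made for illustration.

```shell
#!/bin/sh
# Hypothetical hook, referenced from the conn as e.g.
#   leftupdown=/usr/local/sbin/snat-updown.sh   (path is an assumption)
# BRIDGE_NET is an assumed local setting: carol's bridge subnet from the post.
BRIDGE_NET="${BRIDGE_NET:-192.168.122.0/24}"

# Accept only dotted-quad IPv4 with an optional /prefix. Anything else
# (empty value, IPv6, shell metacharacters) is rejected.
is_ipv4() {
    printf '%s\n' "$1" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/[0-9]{1,2})?$'
}

# Print the rule spec (without -I/-C/-D), or return 1 on bad input.
snat_rule() {
    is_ipv4 "$BRIDGE_NET" && is_ipv4 "$PLUTO_PEER_CLIENT" || return 1
    # The SNAT target must be a single address, so no /prefix is allowed.
    case "$PLUTO_MY_SOURCEIP" in */*) return 1 ;; esac
    is_ipv4 "$PLUTO_MY_SOURCEIP" || return 1
    echo "POSTROUTING -s $BRIDGE_NET -d $PLUTO_PEER_CLIENT -j SNAT --to-source $PLUTO_MY_SOURCEIP"
}

# Act only when invoked by the IKE daemon (PLUTO_VERB set) with sane values.
if [ -n "${PLUTO_VERB:-}" ] && rule=$(snat_rule); then
    case "$PLUTO_VERB" in
        up-client)
            # -C checks for an existing rule so repeated "up" events
            # do not stack duplicates.
            iptables -t nat -C $rule 2>/dev/null || iptables -t nat -I $rule
            ;;
        down-client)
            iptables -t nat -D $rule 2>/dev/null
            ;;
    esac
fi
```

Setting leftupdown replaces the default updown script for that connection, so anything the default script was doing for it (for example leftfirewall handling) has to be covered separately.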