[strongSwan] http proxy through tunnel

Matthew Summers msummers42 at gmail.com
Fri Nov 17 23:49:49 CET 2017

On Fri, Nov 17, 2017 at 12:21 PM, Joe Lippa <joe at jjssoftware.co.uk> wrote:

> Thank you. I've read about streisand in the past but I was put off by the
> volume of software and services it installs.
> I see it does install tinyproxy for use with its openvpn service however I
> already have a nice lightweight VPN setup which is based on strongswan
> ikev2 and this setup is "just enough" of a software footprint for me to
> have to maintain.
> I'm sure streisand will be an option for some people but it's not for me.
> The search for an example of how to configure a http proxy server
> alongside a strongswan VPN tunnel continues 🙂

Streisand just looks like a composition of a bunch of things which you
could, in looking for an example, pick apart how it works. I think all you
would need to do is have your proxy listen on the localhost of your gateway
and then ensure your ipsec.conf allows you to talk to the gateway itself

left|righthostaccess = yes | no

inserts a pair of INPUT and OUTPUT iptables rules using the default ipsec
_updown script,
thus allowing access to the host itself in the case where the host's
internal interface is part
of the negotiated client subnet.

I'd expect there are a large number of folks on here that could tell you a
million other ways to do it too.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20171117/c757f517/attachment.html>

More information about the Users mailing list