[strongSwan] Is there good documentation on Netfilter/iptables strategies with strongSwan?

Whit Blauvelt whit at transpect.com
Sat Sep 23 21:00:54 CEST 2017

On Sat, Sep 23, 2017 at 10:58:11AM -0400, Eric Germann wrote:
> First off in AWS, if you’re going to be a router, have you disabled
> “Source/Destination Check” (or something to that effect) in the instance
> properties? If not, the instance will work across the tunnel, but you
> won’t be able to route through it.

Thanks Eric. I had already done that; it has been disabled this whole time.

I've also done the other obvious stuff, such as turning off rp_filter,
turning on forwarding....

Hopefully someone can point me in the right direction to answer my Netfilter


