[strongSwan] Is there good documentation on Netfilter/iptables strategies with strongSwan?
Whit Blauvelt
whit at transpect.com
Sat Sep 23 21:00:54 CEST 2017
On Sat, Sep 23, 2017 at 10:58:11AM -0400, Eric Germann wrote:
> First off in AWS, if you’re going to be a router, have you disabled
> “Source/Destination Check” (or something to that effect) in the instance
> properties? If not, the instance will work across the tunnel, but you
> won’t be able to route through it.
Thanks Eric. I had already done that; it has been disabled this whole time.
I've also done the other obvious stuff, such as turning of rp_filter,
turning on forwarding....
Hopefully someone can point me in the right direction to answer my Netfilter
questions.
Best,
Whit
More information about the Users
mailing list