[strongSwan] One to Many VPN (Host-Host)

Info infosec at quantum-equities.com
Mon Mar 5 21:13:34 CET 2018

I'm looking to VPN every machine in a LAN.  I infer that this would be
something like a host-to-host config.

I'll use swanctl/vici and x509 certs.

I can't identify any configurations that seem right for this at



Also, there is a machine outside on the Internet which I'd like to join
the party transparently.  It's a mail server, so somehow I'd like its
mail traffic to not be VPNed, but everything else to be.  I guess this
might be a roadwarrior with some kind of split for the mail ports.
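
The mail-port split described above can be written in swanctl.conf as passthrough child policies (`mode = pass`) next to the tunnel policy; the sketch below is an added example for the outside mail host, not part of the original post and not a configuration from the strongSwan project. Assumptions: every host name, address, prefix and certificate file name is a placeholder, the mail ports are taken to be TCP 25 and 587, and a single LAN-side peer stands in for the LAN hosts.

```conf
# Constructed swanctl.conf sketch for the outside mail host (added example).
# All names, addresses and file names are placeholders, not from the post.
connections {
    to-lan {
        remote_addrs = gw.example.net        # assumed LAN-side IKE peer
        local {
            auth = pubkey
            certs = mailhost-cert.pem        # x509 cert under /etc/swanctl/x509
            id = mail.example.org
        }
        remote {
            auth = pubkey
            id = gw.example.net
        }
        children {
            lan {
                local_ts = 203.0.113.10/32   # the mail host itself
                remote_ts = 10.1.0.0/16      # assumed LAN prefix
                start_action = trap          # negotiate on first matching packet
            }
        }
    }
    # Passthrough (shunt) policies: matching packets are exempt from IPsec.
    mail-bypass {
        remote_addrs = 127.0.0.1             # placeholder; no IKE exchange for mode = pass
        children {
            mail-in {                        # clients connecting to our mail ports
                local_ts = 203.0.113.10/32[tcp/25],203.0.113.10/32[tcp/587]
                remote_ts = 0.0.0.0/0
                mode = pass
                start_action = trap
            }
            mail-out {                       # our outbound SMTP deliveries
                local_ts = 203.0.113.10/32
                remote_ts = 0.0.0.0/0[tcp/25]
                mode = pass
                start_action = trap
            }
        }
    }
}
```

After loading with `swanctl --load-all`, `swanctl --list-pols` shows whether the pass policies are installed alongside the tunnel policy.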

