[strongSwan] Is it possible to access a VPN Tunnel behind a VPN Gateway

IL Ka kazakevichilya at gmail.com
Fri Nov 15 21:24:24 CET 2019

You need to configure routing.

* Clients on 10 network must know that is reachable via You must add appropriate record to their routing tables.
* must have forwarding enabled. If it has firewall, it must
also allow forwarding between these networks.
* must know that clients in is reachable via You must add appropriate record to it's routing table.

Alternatively, you could implement source NAT on
In this case may be left unaware about clients because all
connections to it will "look like" connections from
Not all protocols may go through nat nicely and also would not
be able to connect to it's clients (only "answer" their connections).


On Fri, Nov 15, 2019 at 11:11 PM guega at guega.de <guega at guega.de> wrote:

> This is the requested scenario:
> There is a SITE-TO-SITE VPN connection between network
> and a destination network
> * Client can ping server in the
> <> network*
> The remote * <>* network has a
> working SITE-TO-SITE VPN connection with the network *
> <>.*
> * Users in the <> network can ping
> Server in the <>
> network.*
> Is there a possibility to let client ping server
> in the network?
> How do I even route the traffic for through the tunnel to
> the network.
> Sadly a direct VPN connection between and
> is not an option due to some business related reasons.
> "Ping" stands for Client/Server Communication.
> Any advise would be very welcome.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20191115/dcbe8146/attachment.html>

More information about the Users mailing list