[strongSwan] strongswan doesn't route traffic
tobias at strongswan.org
Thu Sep 12 09:02:19 CEST 2019
> I think options like local_ts, remote_ts should be fine by default.
Not if you want to tunnel all traffic to your server. Set
`local_ts=0.0.0.0/0` if that's the case. Regarding forwarding traffic
> I grabbed it from strongswan's git
> repository because it's not with Arch's package.
It is, the path is /usr/lib/strongswan/_updown. Also, the default
script has a very specific purpose (installing firewall rules for
tunneled traffic if a default DROP policy is used for FORWARD), which
you might not actually need, depending on your firewall configuration.
More information about the Users