I have set up a StrongSWAN VPN IPsec tunnel between two hosts:


HOST_A route: gw PUBLIC_IP_A

It's working: hosts on LAN_A can reach LAN_B hosts and vice-versa.

But on the endpoints running StrongSWAN, I cannot reach the remote LAN unless I
specify the source address on the LAN.
host_A# ping
(no answer)
host_A# ping -S

That seems logical to me, because by default packets sent to the remote LAN
use the route LAN_B gateway IP_PUBLIC_A, so the kernel uses IP_PUBLIC_A
as the source (checked with tcpdump).

What do I need to set up to be able to reach the remote LAN from each peer
without specifying the source IP address?

Thanks for your help



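An added example (not part of the question above, and not StrongSWAN's own code) of the check and the fix a practitioner would apply to the situation described: confirm with `ip route get` that the kernel picks the public address as source for traffic to LAN_B (so no IPsec policy matches and the packet leaves in clear or is dropped), then pin the LAN address as `src` on the route charon uses. All addresses, the interface name, the next hop and the routing table number are assumptions; the `ip route get` output is constructed to show the symptom, not captured from a real host.

```shell
#!/bin/sh
# Added example, not from the original post. Addresses (RFC 5737 / RFC 1918),
# interface, next hop and table number are assumptions.
LAN_A="10.1.0.0/24"          # leftsubnet on host_A
LAN_B="10.2.0.0/24"          # rightsubnet, reachable only through the tunnel
HOST_A_LAN_IP="10.1.0.1"     # host_A's own address inside LAN_A
PUBLIC_IP_A="203.0.113.10"   # host_A's IKE endpoint address (on eth0)
WAN_IFACE="eth0"             # interface carrying PUBLIC_IP_A
WAN_GW="203.0.113.1"         # default gateway on the public side
XFRM_TABLE="220"             # charon.routing_table default

# Constructed sample of `ip route get 10.2.0.5` on host_A, showing the symptom:
# the kernel selects the public address as source, which lies outside LAN_A,
# so the IPsec policy LAN_A<->LAN_B does not match the packet.
SAMPLE_ROUTE_GET='10.2.0.5 via 203.0.113.1 dev eth0 src 203.0.113.10 uid 0
    cache'

# Dotted quad -> 32-bit integer (POSIX sh, no bashisms).
ip2int() {
    IFS=. read -r a b c d <<EOF
$1
EOF
    echo $(( (a << 24) + (b << 16) + (c << 8) + d ))
}

# in_cidr IP CIDR: exit 0 if IP lies inside CIDR.
in_cidr() {
    ip=$(ip2int "$1")
    net=$(ip2int "${2%/*}")
    bits=${2#*/}
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( ip & mask )) -eq $(( net & mask )) ]
}

# selected_src ROUTE_GET_OUTPUT: print the source address the kernel chose.
selected_src() {
    printf '%s\n' "$1" | awk '{ for (i = 1; i < NF; i++) if ($i == "src") { print $(i+1); exit } }'
}

# check_src ROUTE_GET_OUTPUT LOCAL_TS: "ok" if the selected source lies inside
# the local traffic selector (the IPsec policy will match), otherwise "bad".
check_src() {
    src=$(selected_src "$1")
    if in_cidr "$src" "$2"; then echo ok; else echo bad; fi
}

# fix_cmd: print the route that keeps charon's next hop but pins the LAN address
# as source, in charon's table so it wins over the public-side route. This is the
# assumed fix; run it from an updown script, since charon reinstalls its routes
# whenever the CHILD_SA comes up.
fix_cmd() {
    printf 'ip route replace %s via %s dev %s src %s table %s\n' \
        "$LAN_B" "$WAN_GW" "$WAN_IFACE" "$HOST_A_LAN_IP" "$XFRM_TABLE"
}

# Diagnose the constructed sample, then print the fix. On a real host, replace
# SAMPLE_ROUTE_GET with the output of: ip route get 10.2.0.5
echo "selected source: $(selected_src "$SAMPLE_ROUTE_GET")"
echo "inside $LAN_A: $(check_src "$SAMPLE_ROUTE_GET" "$LAN_A")"
fix_cmd
```

On the real host, `ip rule show` and `ip route show table 220` reveal the route charon installed and its `src`; after the replace, `ip route get 10.2.0.5` should report `src 10.1.0.1` and a plain `ping` from host_A should match the policy and be encrypted. If you would rather not fight charon over table 220, the alternative is `charon.install_routes = no` in strongswan.conf together with a static route carrying the same `src`, which is also an assumption about your setup rather than something the question states.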