[strongSwan] FreeBSD endpoints issue
simplerezo at gmail.com
Tue Feb 23 11:37:51 CET 2021
I have setup a StrongSWAN VPN IPsec tunnel between two hosts:
[LAN_A] <=> [HOST_A][PUBLIC_IP_A] <=> [PUBLIC_IP_B][HOST_B] <=> [LAN_B]
192.168.6.0/24 gw PUBLIC_IP_A
It's working: hosts on LAN_A can reach LAN_B hosts and vice-versa.
But, on the endpoints running StrongSWAN, I cannot reach remote LAN except if I
specify the source address of LAN.
host_A# ping 192.168.6.1
host_A# ping -S 192.168.1.254 192.168.6.1
That's seems logic to me, because by default packet sent to remote LAN are
using the route LAN_B gateway IP_PUBLIC_A, so kernel is using IP_PUBLIC_A
as source (checks by tcpdump).
What I need to setup to be able to reach the remote LAN from each peer
without specifying source IP address ?
Thanks for you help
More information about the Users