[strongSwan] FreeBSD endpoints issue

Tobias Brunner tobias at strongswan.org
Tue Feb 23 11:53:05 CET 2021


> That seems logical to me, because by default packets sent to the remote LAN are
> using the route LAN_B gateway IP_PUBLIC_A, so the kernel is using IP_PUBLIC_A
> as source (checked with tcpdump).

On FreeBSD, we can't easily install routes that force a specific source
address, which we do on Linux.  However, there is an option that
installs routes directing traffic to the internal interface, which
should force that IP address as source.  Please try enabling
charon.plugins.kernel-pfkey.route_via_internal in strongswan.conf.


