[strongSwan] Local network (routing)
Rene Maurer
rmnet at mailc.net
Mon Oct 10 15:44:35 CEST 2022
Hi
I am using strongSwan U5.4.0/K4.4.107 (embedded device).
The ipsec tunnel is established over a mobile network and it works fine.
Additionally I have an Ethernet interface eth0 with the address 10.162.110.161. eth0 is connected to 10.162.110.165.
I am looking for a way to access the devices connected to eth0 also locally and not only through the tunnel (connections 10.162.110.161 <=> 10.162.110.165 should work).
Is that even possible? If so how?
I have:
---------
# ipsec status
Security Associations (1 up, 0 connecting):
one[1]: ESTABLISHED 9 seconds ago, 10.162.225.65[****]...91.230.141.233[****]
one{1}: INSTALLED, TUNNEL, reqid 1, ESP SPIs: cb51bd6c_i b9503f34_o
one{1}: 10.162.110.160/29 === 10.0.0.0/
---------
# route -n
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
10.162.110.160 0.0.0.0 255.255.255.248 U 100 0 0 eth0
---------
ip route show table 220
10.0.0.0/8 via xxx.xxx.xxx.xxx dev ppp0 proto static src 10.162.110.161
----------
# ipsec.conf:
conn one
# we are left
left=10.162.225.65
leftid=*****
leftsubnet=10.162.110.160/29
leftcert=****.crt
leftsendcert=always
# XXX is right
right=xxx.xxx.xxx.xxx.
rightid=****
rightsubnet=10.0.0.0/8
auto=start
----------
Regards
René
More information about the Users
mailing list