#StackBounty: #ubuntu #ipsec #ubuntu-18.04 #strongswan #tunnel How can I route traffic over IPSec tunnel?

Bounty: 50

I have two sites: MAIN (local subnet 192.168.0.0/24, external IP: M.M.M.M) and CLIENT (10.0.0.0/24, external IP: C.C.C.C). I created an IPSec tunnel between the sites and both sites can ping computers in both subnets. So far so good.

# ipsec status
Security Associations (1 up, 0 connecting):
tunnel[1]: ESTABLISHED 7 minutes ago, 10.0.0.15[C.C.C.C]...M.M.M.M[M.M.M.M]
tunnel{1}:  INSTALLED, TUNNEL, reqid 1, ESP in UDP SPIs: c7e6cd30_i ca170c58_o
tunnel{1}:   10.0.0.0/24 === 192.168.0.0/24

MAIN’s external IP address is whitelisted by some resources on the internet (they can only be accessed from MAIN’s address). I would like to configure the routing in a way that these resources are accessed by CLIENT’s site through that tunnel and MAIN’s gateway.

I would normally try doing this by configuring static routing and NAT. The problem here is that I do not have a device that I can use for defining the routes. If I had a VPN server at the MAIN site and a VPN client at the CLIENT site, then the VPN client would have some tun interface that I could use to configure what I need.

Can I achieve the same having an IPSec tunnel between two sites?

