Hello René,

Yes, if the networks overlapped then that was the right solution.
It was not clear to me that they were just from the email.

Kind regards
Noel

On 10.10.22 22:33, Rene Maurer wrote:
On 10.10.2022 Noel Kuntze wrote:

Please provide the output of `ipsec statusall` as well as `ip x p`.  Also, what 
are your firewall rules (iptables-save, nft list ruleset).

On 10.10.22 15:44, Rene Maurer wrote:

I am looking for a way to access the devices connected to eth0 also locally and not 
only through the tunnel (connections 10.162.110.161 <=> 10.162.110.165 should 
work).

Is that even possible? If so how?

Thanks for your answer Noël.

It was much easier. According to 
https://lists.strongswan.org/pipermail/users/2015-May/008222.html, the key is 
to set up a passthrough connection in ipsec.conf. Very elegant IMHO ;-)

I have added in ipsec.conf:

conn eth0_local
    leftsubnet=10.162.110.160/29
    rightsubnet=10.162.110.160/29
    authby=never
    type=passthrough
    auto=route

This works perfectly as far as I can see so far.
I hope this is the recommended way to do it.

Kind regards
René
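
A passthrough conn exempts matching traffic from IPsec processing, so it is worth checking exactly which address pairs it covers. The following is an added example, not part of the original thread or of strongSwan: a small Python audit that parses ipsec.conf text, lists `type=passthrough` conns and tests whether a given source/destination pair would bypass the tunnel. Assumptions: the `tunnel_example` conn and all function names are hypothetical, and `also=` includes and `%default` sections are not resolved.

```python
import ipaddress

# Constructed sample: eth0_local is the conn quoted in the thread above;
# tunnel_example is a hypothetical tunnel conn added only for contrast.
SAMPLE_CONF = """\
conn tunnel_example
    leftsubnet=10.162.110.160/29
    rightsubnet=0.0.0.0/0
    auto=start

conn eth0_local
    leftsubnet=10.162.110.160/29
    rightsubnet=10.162.110.160/29
    authby=never
    type=passthrough
    auto=route
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} for the 'conn' sections of ipsec.conf text."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()       # drop comments
        if not line.strip():
            continue
        if not line[0].isspace():                  # section header starts at column one
            parts = line.split()
            is_conn = len(parts) == 2 and parts[0] == "conn"
            current = conns.setdefault(parts[1], {}) if is_conn else None
        elif current is not None and "=" in line:  # indented key=value inside a conn
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return conns

def _nets(value):
    """Parse a comma-separated subnet list, ignoring any [proto/port] suffix."""
    return [ipaddress.ip_network(s.split("[")[0].strip(), strict=False)
            for s in value.split(",") if s.strip()]

def passthrough_bypasses(conns):
    """List (name, left_nets, right_nets) for conns that exempt traffic from IPsec."""
    return [(n, _nets(o.get("leftsubnet", "")), _nets(o.get("rightsubnet", "")))
            for n, o in conns.items() if o.get("type") in ("passthrough", "pass")]

def is_bypassed(conns, src, dst):
    """True if src->dst matches a passthrough conn's selectors in either direction."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any((any(s in l for l in left) and any(d in r for r in right)) or
               (any(s in r for r in right) and any(d in l for l in left))
               for _, left, right in passthrough_bypasses(conns))
```

A conn without an explicit `leftsubnet` or `rightsubnet` yields an empty list here and never matches; the real default depends on the endpoint address, which this check cannot see.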
