Filtering incoming Strongswan VPN packets with iptables

http://serverfault.com – I am using a Strongswan VPN server on a Debian Squeeze machine. The incoming VPN clients get an IP of the 192.168.99.0/24 subnet. As I am using this VPN mainly to have encryption when using non-encrypted WLANs, I am doing a source NAT into the internet using iptables. (I prefer source NATing because the server has a static IPv4 address.) At the moment I am using the following iptables command:

    # used for StrongSWAN
    iptables -t nat -I POSTROUTING -s 192.168.99.0/24 -o eth0 -j SNAT --to-source <public IP address of server>

My question is: when using this rule, every traffic that is incom (HowTos)