We are running strongSwan as part of an IPFire router distribution. strongSwan handles multiple tunnels via the WAN interface, and that interface has multiple public IPs associated with it.

We are also trying to pass L2TP/IPSec through the router to a Windows RRAS server for the purpose of establishing roadwarrior-type VPN connections to one of the other IP Addresses.

Currently, this is not working, and it seems that it is because strongSwan is trying to handle the IPSec traffic, instead of passing it through to the Windows server.

After digging through the docs a little, it looks to me that we need to specify the "charon.interfaces_use" directive in the configuration to limit strongSwan to only one of the configured IP Addresses.

Does that make sense?

Tom
