Hello Radek, > Problem over here is that when I turn on firewall packets are rejected > because origin of (decrypted) packets is eth0. Is there any possibility > to route VPN traffic via dummy0, so firewall will see those as comming > from dummy0?
I'm not aware of any method to change the interface identifier. I'd recommend to adjust your firewall rules. Have a look at iptables ipsec "policy" matching, it is rather powerful. It allows you to match traffic that comes out of any (or even a specific) IPsec tunnel. Regards Martin _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
