AFIK to do layer2 stuff (like DHCP) you will need to do something like GRE or L2TP (which you can then encapsulate in IPSEC).
Regards, Michael Holstein Cleveland State University ________________________________ From: [email protected] <[email protected]> on behalf of Carsten Schlote <[email protected]> Sent: Thursday, February 11, 2016 10:58 AM To: [email protected] Subject: [strongSwan] Transparently route all packets through a IPSEC tunnel - is this possible? Hi, I need some help with the follwing question: The idea is to forward all packets received on a given local interface or bridge interface to some other network over an IPSEC tunnel instead of using the default route. The other network will handle DHCP, DNS and sends appropriate packets back over the tunnel, as well it will serve as the default route. Is it possible to route packets that way with an IPSEC tunnel? Or do I need some kind of DHCP proxy on the local interface, so that DHCP requests could be indirectly forwarded to some host behind the IPSEC tunnel? That way the systems connected to the local interface could configure an IP and could be matched to the local side of the IPSEC tunnel. The DHCP answer would also configure a default route to some system behind the IPSEC tunnel. Is this possible? Any help, hints or weblink would be appreciated. Regards Carsten
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
