One way to go would be configuring a route based VPN[1]. Then you can use all kinds of Linux routing tricks to get just that user's traffic over the VPN by directing it to the vti interface. For example you could launch that user's processes in a network namespace, or use the "owner" module of iptables to match traffic from processes run as that user and mangle them to use the VPN.
[1]: https://wiki.strongswan.org/projects/strongswan/wiki/RouteBasedVPN On Thu, May 17, 2018 at 9:25 AM Gilles Printemps <[email protected]> wrote: > Hi, > Is there a way to force all the traffic from a specific linux user to be > routed through the VPN? > I would like to use the split tunnelling but I don't understand how to > configure Strongswan? > > Thanks for your help / BR Gilles >
