One way to go would be configuring a route based VPN[1]. Then you can use
all kinds of Linux routing tricks to get just that user's traffic over the
VPN by directing it to the vti interface. For example you could launch that
user's processes in a network namespace, or use the "owner" module of
iptables to match traffic from processes run as that user and mangle them
to use the VPN.


On Thu, May 17, 2018 at 9:25 AM Gilles Printemps <>

> Hi,
> Is there a way to force all the traffic from a specific linux user to be
> routed through the VPN?
> I would like to use the split tunnelling but I don't understand how to
> configure Strongswan?
> Thanks for your help / BR Gilles

Reply via email to