
Issue #3524

Routing public IP addresses through the VPN tunnel (Peer is Cisco ISR)

Added by Adam Bou 4 months ago.

Status:
New
Priority:
Urgent
Assignee:
-
Category:
-
Affected version:
5.8.4
Resolution:

Description

I am working with a client to connect his AWS EC2 instance to another company that requires that all interesting traffic use public IP addresses (to make sure they don't have to deal with overlapping IP addresses).

I tested with 2 EC2 instances (both strongSwan) and was able to make it work using PREROUTING and POSTROUTING iptables rules, but when I tried with that company, the tunnel comes up only when leftsubnet is one public IP address. The person on the other side (the company) is using a Cisco ISR and has defined all four of our public IP addresses for his interesting traffic.
When I set only one IP address on leftsubnet, the tunnel is up but the traffic is not being routed through the tunnel. POSTROUTING is not being applied to my traffic.

Any help will be much appreciated.

Thank you.

Attachment: VPN.jpg (29.8 KB), "EC2 to EC2 test (successful)", added by Adam Bou, 24.07.2020 03:14
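For readers running into the same traffic-selector limitation, an added ipsec.conf illustration (not the reporter's configuration and not from the strongSwan project): it lists the four public addresses in one conn, which works between two strongSwan gateways, beside the form that gives each public address its own conn and therefore its own CHILD_SA, which is what a Cisco IOS peer that accepts only a single traffic-selector pair per IPsec SA needs. IKEv2, the addresses (TEST-NET ranges), identities and the pre-shared key are placeholders; the Elastic IP appears as leftid because an EC2 instance only holds its private address on the interface, with the public address being a 1:1 NAT at the VPC edge, so the peer identifies us by the public address rather than the interface address.

```conf
# Added illustration, not the reporter's or the strongSwan project's config.
# Addresses, identities and the secret are placeholders (TEST-NET ranges).
config setup

conn %default
    keyexchange=ikev2
    left=%defaultroute
    # The interface carries only the private address; the peer knows us by
    # the Elastic IP, so state that explicitly as our IKE identity.
    leftid=203.0.113.10
    right=198.51.100.1
    rightid=198.51.100.1
    # Partner network on the Cisco side (placeholder).
    rightsubnet=192.0.2.0/24
    authby=secret
    auto=start

# Single conn with all four addresses: fine between two strongSwan hosts,
# but a peer that negotiates one selector pair per SA narrows this to one
# address, which matches the symptom described above.
#conn partner-all
#    leftsubnet=203.0.113.10/32,203.0.113.11/32,203.0.113.12/32,203.0.113.13/32

# One conn per public address instead; charon reuses the IKE_SA for conns
# whose IKE settings are identical, so this yields one IKE_SA with four
# CHILD_SAs, each carrying exactly one selector pair.
conn partner-ip1
    leftsubnet=203.0.113.10/32

conn partner-ip2
    leftsubnet=203.0.113.11/32

conn partner-ip3
    leftsubnet=203.0.113.12/32

conn partner-ip4
    leftsubnet=203.0.113.13/32
```

The matching ipsec.secrets entry would be `203.0.113.10 198.51.100.1 : PSK "placeholder"`. This fragment addresses only the traffic-selector side of the report: whether the source translation to the public address takes effect before the packet is matched against the IPsec policy is the open question in the description and is not settled by this configuration.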
