I currently have a Linux server with Fedora 22, which I intend to use as a router. Right now I have Openswan connected over IPsec to a remote FortiGate 60C. What I would like to know is how to go about routing the traffic destined for 192.168.1.0/24, which is the remote LAN, from my segment 192.168.30.0/24, and the rest of the unrelated traffic to the Internet.

Note: I'm using the NIC connected to the Internet for the VPN as well, and I use another NIC for segment 192.168.30.0/24 as my home network. The Linux server provides DHCP.

1 Answer

I got it to ping using a masquerade for the traffic from the LAN to the WAN, but after reading some other documents, I ended up removing the masquerade and just allowing traffic between the interfaces. Now it all works perfectly.

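# Accept packets addressed to the router itself that arrived through an IPsec policy
iptables -A INPUT -m policy --dir in --pol ipsec -j ACCEPT
# Forward packets that arrived through an IPsec policy (decapsulated tunnel traffic)
iptables -A FORWARD -m policy --dir in --pol ipsec -j ACCEPT
# Masquerade only outbound packets that match no IPsec policy; tunnel traffic keeps its source address
iptables -t nat -A POSTROUTING -m policy --dir out --pol none -j MASQUERADE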
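
Added example, not part of the original answer: a check over `iptables-save` output that flags source-NAT rules in POSTROUTING that would also rewrite traffic bound for the remote LAN. NAT in POSTROUTING is applied before the IPsec policy lookup, so a rewritten source no longer matches tunnel selectors, which are assumed here to be 192.168.30.0/24 to 192.168.1.0/24. The function name and the three rule sets are constructed for illustration.

```sh
# Added example (not from the original post). Rule sets below are constructed.
# check_nat_exempt REMOTE_LAN: reads iptables-save output on stdin and flags
# nat POSTROUTING MASQUERADE/SNAT rules that would also rewrite tunnel traffic.
# A NAT rule passes if it matches "-m policy --dir out --pol none", or if an
# earlier rule ACCEPTs/RETURNs traffic destined for REMOTE_LAN.
# Returns 0 when all NAT rules pass, 1 otherwise.
check_nat_exempt() {
    awk -v remote="$1" '
        /^\*/ { table = $1 }
        table != "*nat" || $1 != "-A" || $2 != "POSTROUTING" { next }
        {
            target = ""; dst = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-j") target = $(i + 1)
                if ($i == "-d") dst = $(i + 1)
            }
            if ((target == "ACCEPT" || target == "RETURN") && dst == remote)
                exempt = 1
            if (target != "MASQUERADE" && target != "SNAT") next
            if (exempt || $0 ~ /-m policy .*--dir out .*--pol none/) next
            print "NAT also hits tunnel traffic: " $0
            bad = 1
        }
        END { exit bad + 0 }
    '
}

ruleset_blanket() {   # constructed: masquerades everything from the LAN
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -s 192.168.30.0/24 -j MASQUERADE' 'COMMIT'
}
ruleset_policy() {    # constructed: the policy-match rule from the answer
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -m policy --dir out --pol none -j MASQUERADE' 'COMMIT'
}
ruleset_exempt() {    # constructed: explicit exemption ahead of the NAT rule
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [0:0]' \
        '-A POSTROUTING -s 192.168.30.0/24 -d 192.168.1.0/24 -j ACCEPT' \
        '-A POSTROUTING -s 192.168.30.0/24 -j MASQUERADE' 'COMMIT'
}

for rs in ruleset_blanket ruleset_policy ruleset_exempt; do
    if "$rs" | check_nat_exempt 192.168.1.0/24; then
        echo "$rs: ok"
    else
        echo "$rs: NAT rule needs an IPsec exemption"
    fi
done
```

On a live router the same function can be fed from `iptables-save -t nat`.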