我在 CentOS 上使用 Strongswan 作為 IPSEC VPN 伺服器。隧道啟動後,是否可以告訴客戶端(win7)透過隧道介面路由所有流量?
這是我的 ipsec.conf
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
config setup
conn %default
ikelifetime=60m
keylife=20m
rekeymargin=3m
keyingtries=1
keyexchange=ikev2
ike=aes256-sha1-modp1024!
esp=aes256-sha1!
dpdaction=clear
dpddelay=300s
rekey=no
conn rw-eap
left=%defaultroute
leftsubnet=0.0.0.0/0
leftsourceip=62.244.57.9
[email protected]
leftcert=server.crt
leftauth=pubkey
leftfirewall=no
right=%any
rightauth=eap-mschapv2
rightsourceip=62.244.57.9/29
rightsendcert=never
eap_identity=%any
auto=add