Road Warrior IPsec & Split-Tunnel

Started by csmall, June 16, 2019, 06:13:24 AM

June 16, 2019, 06:13:24 AM Last Edit: June 17, 2019, 02:30:09 PM by csmall
I followed this guide to get IPsec VPN working with Android using the strongSwan client and IKEv2.

https://wiki.opnsense.org/manual/how-tos/ipsec-rw-srv-eaptls.html

I connect just fine and can access the firewall web interface on the LAN address, but it is split tunnel.

I would like to force the Android phone to force all traffic over the tunnel. How can I do that?

If I can't force all traffic over the tunnel, I would at least like to force DNS resolution to take advantage of my Pi-hole on mobile.

I tried a couple of things I found after searching the forums.

I tried changing the P2 local network to 0.0.0.0/0 and creating an outbound NAT rule on the WAN interface with a source of the VPN address pool network translated to the WAN address. After these changes, when I connected to the tunnel, I could no longer get to the internet.