I’ve got three VLANs in a bridge for them, and I have two VPNs (OVPN and L2TP IPSec).
I’d like one of the VLANs’ traffic to go through the L2TP IPSec VPN. To put it more clearly, I’d like one of the VLANs to go to the internet through the VPN (L2TP IPSec).
VLAN network is: 10.1.1.0/24
L2TP IPSec client IP from the pool: 192.168.67.11
I guess the trick is something with NAT. But I tried everything, srcnat, dstnat, and it does not work. Does anyone know how I can do this?
This is beyond what you can achieve with “a trick”.
When you have a network that complex, you need to understand how it works before you can configure it.
Concepts of L2 (VLAN) and L3 (IP) have to be clear to you, and you need to understand how you can use IPsec directly
with IPsec policies, indirectly with tunnels like IP, GRE or L2TP, and where NAT fits into that picture.
When you are ‘putting VLANs in a bridge’, I guess you need to revise your strategy on this.
Okay, I see. I am not as good as the network requires, but I try. So I tried the mangle preroute or postroute with action route to point to the VPN first hop, which I think is the VPN GW, but it just got stuck.
Bridging the VLANs is not a fault in my case; the VLANs must see each other. I’d like to separate the main bridge and the VLANs from each other.
Can you write down the correct configuration commands, please?