Hi, I'm curious about the IPsec packet flow, as I need to set up firewall rules for my IPsec site-to-site tunnel.
In the packet flow diagram, the IPsec decryption shows the encrypted packet is decrypted first, then goes back into the input chain.
When the encrypted packet is received at the first step, the source address of the packet is the remote router public IP.
After it is decrypted, does the source IP remain the same as the remote router public IP, or does it change to the server router internal IP?