Hey there,
I have RB951Ui-2nD client that is connected to StrongSwan server thru pure IPSec IKEv2. When a peer is active all traffic goes thru the VPN server by dynamically created policy. For example, src. 10.5.0.1/32 dst 0.0.0.0/0 where 10.5.0.0/24 is a pool from the VPN server, as I understand - classic road warrior scenario. But I need only access to the VPN server, I don't need it as a gateway.
So, the question is how it could be configured to route traffic thru IPSec, only when destination is VPN server?