Hi folks,
i am trying to setup a ikev2 road warrior scenario where all traffic from the client should be routet through the IPsec GW
my problem is that the "no Track Chain=prerouting" disables masuqerading for the clients and so no traffic is passing...
any quick advise how to accomplish that all traffic from the client is routet through the CHR which is my IPsec Serverand gets masqueraded to the public ip of the CHR ?
with split tunneling averything works fine except for traffic on LAN interface of CHR but routet subnets with distances >0 are working just fine..
also the firewall filter forward chain is matching policies... i don't get this no track stuff...
Cheers,
Chris