The router <b>moon</b> sets up a connection to gateway <b>sun</b> in order
to reach the subnet hidden behind <b>sun</b>. The gateway <b>sun</b> assigns a
virtual IP address to router <b>moon</b>. A special updown script on <b>moon</b>
specified by <b>leftupdown=/etc/nat_updown</b> dynamically inserts a source NAT rule
which maps the IP address of client <b>alice</b> to the virtual IP of <b>moon</b>.
This allows <b>alice</b> to access client <b>bob</b> via the established IPsec tunnel.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / ikev2 / nat-virtual-ip