On 11.12.2016 15:50, Slawa Olhovchenkov wrote: >> You can specify what you want, but this just will not work as you >> expect. A router usually must not handle all TCP sessions that it > > You mean forward to IPSec system only packets with DST_IP = my_ip? > I that case, why you talk only about not handled returned packets? > Originated packets also don't address to me.
I already described how it works and that you can configure what you want. https://lists.freebsd.org/pipermail/freebsd-net/2016-December/046616.html -- WBR, Andrey V. Elsukov
signature.asc
Description: OpenPGP digital signature
