Using strongSwan IPsec
eth0 IP is xx.xx.129.177 (which is our public IP and the one currently sending requests)
The gateway to eth0 is xx.xx.128.1
eth0:1 IP is 10.16.0.24/16 - Client expects this address to deliver TCP requests and make the SQL connection. Is this the private IP address of eth0? And can I route traffic to use this?
I'm not sure how to route traffic through eth0:1, and tbh I'm not sure if I'm thinking about routing correctly with the firewall rules either. I've tried to configure a VTI but had no luck so far.
I've manufactured the IP addresses, but anyway, the tunnel is established and active:
Status of IKE charon daemon (strongSwan 5.8.2, Linux 5.4.0-131-generic, x86_64):
uptime: 4 minutes, since Nov 09 09:23:28 2022
malloc: sbrk 3084288, mmap 0, used 1178368, free 1905920
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 1
loaded plugins: charon test-vectors ldap pkcs11 tpm aesni aes rc2 sha2 sha1 md5 mgf1 rdrand random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl gcrypt af-alg fips-prf gmp curve25519 agent chapoly xcbc cmac h>
Listening IP addresses:
xx.xx.129.177
10.16.0.24
----------IPv6 addr
10.106.0.19
Connections:
ikev2-vpn: xx.xx.129.177...xx.xx.xx.xx IKEv2, dpddelay=45s
ikev2-vpn: local: [xx.xx.129.177] uses pre-shared key authentication
ikev2-vpn: remote: [xx.xx.xx.xx] uses pre-shared key authentication
ikev2-vpn: child: 0.0.0.0/0 === 0.0.0.0/0 TUNNEL, dpdaction=clear
Security Associations (1 up, 0 connecting):
ikev2-vpn[3]: ESTABLISHED 103 seconds ago, xx.xx.129.177[xx.xx.129.177]...xx.xx.xx.xx[xx.xx.xx.xx]
ikev2-vpn[3]: IKEv2 SPIs: e230895c46f01cf6_i* c0858ade8e997bdc_r, rekeying disabled
ikev2-vpn[3]: IKE proposal: AES_CBC_256/HMAC_SHA2_384_192/PRF_HMAC_SHA2_384/MODP_2048_256
ikev2-vpn{2}: INSTALLED, TUNNEL, reqid 2, ESP in UDP SPIs: c9c519ad_i de8973aa_o
ikev2-vpn{2}: AES_CBC_256/HMAC_SHA2_256_128, 132 bytes_i (3 pkts, 2s ago), 10601 bytes_o (37 pkts, 17s ago), rekeying disabled
ikev2-vpn{2}: 0.0.0.0/0 === 0.0.0.0/0