Strongswan
Somehow working:
forecast {
# Multicast groups to join locally, allowing forwarding of them.
groups = 224.0.0.1,224.0.0.22,224.0.0.251,224.0.0.252,239.255.255.250
# Local interface to listen for broadcasts to forward.
interface = BRIDGE_LAN
# Whether to load the plugin. Can also be an integer to increase the
# priority of this plugin.
load = yes
# CHILD_SA configurations names to perform multi/broadcast reinjection.
# reinject = mobile,linux
}
connections {
linux {
local_addrs = 192.168.3.253
remote_addrs = darkrealm.dyndns.org
keyingtries = 0
local {
auth = pubkey
certs = neorealm.crt
}
remote {
auth = pubkey
certs = darkrealm.crt
}
children {
linux {
local_ts = 192.168.2.0/24,192.168.3.0/24,224.0.0.0/4,fd00:ffff:bbbb::/64,ff00::/8
remote_ts = 192.168.0.0/24,192.168.1.0/24,224.0.0.0/4,fd00:ffff:aaaa::/64,ff00::/8
mark_in = %unique
mark_out = %unique
ipcomp = yes
start_action = trap
close_action = trap
dpd_action = trap
}
}
}
}