User Details
User Details
- User Since
- Aug 4 2016, 1:27 PM (426 w, 3 d)
Sep 15 2016
Sep 15 2016
Aug 22 2016
Aug 22 2016
Aug 16 2016
Aug 16 2016
• jeffbearer added a comment to Q39: How to force source address over IPsec site-to-site VPN?.
Linux is going to source traffic for an arbitrary service to the outgoing interface of the selected route. I don't know what facilities might be available to plumb into vyos the notion of binding specific services to a specific interface, (I'd suggest a loopback/dummy interface) and route internally. But the problem is that you wouldn't want this for every service, ie vpn etc. and this is where it gets hairy.
Aug 12 2016
Aug 12 2016
• jeffbearer added a comment to Q39: How to force source address over IPsec site-to-site VPN?.
I was curious about this so I added the 169.254 addresses of my vyos bgp link to my vpc route tables and security groups but I still could not get the traffic to pass. I'm guessing AWS is not allowing traffic from the BGP interface to route. Ideally you would want a way to source all traffic from a dummy interface. IMO