[stunnel-users] client with two source IPs and one destination

Christopher Schultz chris at christopherschultz.net
Mon May 11 20:55:35 CEST 2020


Daniele,

On 5/11/20 10:53, Daniele Basaldella wrote:
> Dear group,
> I've to configure a couple of tunneled connections (call them TC1 and
> TC2), client side, on a linux system.
> The target of both such connections is the same (destination ip and port
> are the same, call it DST).
> At source side (my server) I have a two IP addresses (call them IP1 and
> IP2) assigned and currently working to its unique NIC. I normally use
> iptables SNAT to split the traffic between IP1 and IP2 depending on
> destination addresses but in this case I've to distinguish it at
> application level (TC1 and TC2).
> I'd like to get TC1 to set the outgoing traffic with source address IP1
> and TC2 to set outgoing traffic with source address IP2. 
> 
>     Tunnel           Tunnel
>     Client           Server
> 
> TC1:  IP1    --\
>                 >-->   DST 
> TC2:  IP2    --/
> 
> I'm thinking to set one entry in stunnel.conf for each TC1 and TC2 and
> use *transparent* = source  clause to set the source address but it
> seems my case is not so common and I didn't find documentation. 
> Please could you suggest a solution.

If it's important for you to set the outgoing interface, then you should
use:

local=IP1

in your config for the tunnel definition.

-chris

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <http://www.stunnel.org/pipermail/stunnel-users/attachments/20200511/99d11079/attachment.sig>


More information about the stunnel-users mailing list