I'm struggling to replace my fw3 firewall config with nftables rules. How do I separate ipsec/non-ipsec traffic? For iptables I used "option extra" for ipsec parameters. I'm not sure how to get the same for fw4.
Is someone willing to share a simple firewall config working with 3 zones (lan, wan, vpn) with strongswan used as a site-to-site connection? Something like:
site A: 192.168.0.0/24
site B: 192.168.1.0/24
Both sites connected to the internet + secured tunnel between site A and B.