Lost with vpn config
What I want is to setup my linode to appear as another host on my lan, so that I can route certain services over the encrypted VPN connection. I'm looking for something like ftp/smb/nfs. Probably SMB as I develop on Windows. After completing a multistage in place upgrade from Ubuntu 12.x 32bit to 14.04 64bit upgrade, I've been trying to follow this article
I'm pretty sure I'm looking to replicate at least a portion of the bdi-nas connection, as all I want is the specific traffic for the target network on the vpn. I don't want to tunnel all my traffic either way, which is unfortunately just about all I can find for other documentation, nothing talks about split-tunnel.
I have active IPSec connections from home to two separate remote offices with site to site, 1 running a PFSense firewall and one a Cisco ASA. So I know I'm not having a filtering/firewall problem.
I'm feeling lost at this point. I've wiped my config on both ends a few times and am just having a hard time with StrongSwan, OpenSwan didn't do any better, and I just hit a wall looking into OpenVPN. Suggestions, examples, alternatives would all be welcome. This is my first site to single public host, and I think I'm getting stuck with something at this part.
Is site-to-host much different than site-to-site?
What magic does StrongSwan do?
Do I need a dummy interface?
conn slackbox auto=route left=192.168.2.6 leftcert=vpn.pem leftid="CN=vpn.way-of-the-blade.com" leftsubnet=192.168.2.6/24 leftsourceip=192.168.2.6 leftauth=pubkey mobike = yes right=126.96.36.199 rightcert=slackbox.pem rightid="CN=slackbox.way-of-the-blade.com" rightsubnet=192.168.3.1/24 rightauth=pubkey dpdaction=restart ike=aes256-sha1-modp2048
On the Linode end:
conn stnino auto=route leftcert=slackbox.pem leftid="CN=slackbox.way-of-the-blade.com" leftsubnet=192.168.3.1/24 leftsourceip=192.168.3.1 leftfirewall=no leftauth=pubkey mobike=yes right=vpn.way-of-the-blade.com rightcert=vpn.pem rightid="CN=vpn.way-of-the-blade.com" rightsubnet=192.168.2.6/24 rightsourceip=192.168.2.6 rightauth=pubkey ike=aes256-sha1-modp2048