ipsec

How to know routing rules after IPsec VPN started?


I have an IPsec VPN configured in /etc/ipsec.conf:

conn ikev2vpn
    ikelifetime=60m
    keylife=20m
    rekeymargin=3m
    keyingtries=1
    keyexchange=ikev2
    ike=aes256gcm16-sha256-ecp521!
    esp=aes256gcm16-sha256!
    leftauth=eap-mschapv2
    eap_identity=xxx
    right=xxx
    rightauth=pubkey
    rightid=@xxx
    rightsubnet=0.0.0.0/0
    auto=add

After I enable this setting with "ipsec up ikev2vpn", all the traffic is forwarded to the VPN.

I'm wondering how I can forward only specific traffic to it?


Solution

  • Change the rightsubnet parameter (on the VPN server) to suit your outgoing traffic that you want to tunnel. Or if you can't change your server ipsec config, you need to add a traffic bypass policy on your client.
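
The two options from the answer above, written out as an added example (not part of the original answer), assuming strongSwan's ipsec.conf syntax as used in the question. The subnets 10.20.0.0/16 and 192.168.1.0/24 and the connection name bypass-lan are constructed placeholders.

```conf
# /etc/ipsec.conf (added example; all subnets are constructed placeholders)

# Option A: tunnel only one destination range instead of all traffic.
# The value is negotiated as a traffic selector, so the server side
# must be configured to accept it.
conn ikev2vpn
    # other settings unchanged from the question
    # previously: rightsubnet=0.0.0.0/0
    rightsubnet=10.20.0.0/16
    auto=add

# Option B: keep rightsubnet=0.0.0.0/0 on ikev2vpn, but add a bypass
# (passthrough) policy so traffic to the local LAN stays outside the tunnel.
conn bypass-lan
    leftsubnet=192.168.1.0/24
    rightsubnet=192.168.1.0/24
    authby=never
    type=passthrough
    auto=route
```

After restarting the daemon and bringing the connection up, `ipsec statusall`, `ip xfrm policy` and `ip route show table 220` (strongSwan's default routing table) show which selectors, bypass policies and routes were actually installed.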