Is it possible to push a route when a client connects to Strongswan server?

Question

I have a Strongswan IKEv2 server and I can connect to it from Windows 10 using built in VPN client but I cannot ping the subnet behind the vpn server. It only works when I manually add a route to the subnet with route add 192.168.12.0 mask 255.255.255.0 10.100.0.1. Basically the same issue that strongSwan server with Windows 7 clients doesn't route traffic.

Is it possible to automate it from the server side (i.e. I don't have to create a bat file on every client desktop to add the route)?

score 1 · Answer 1 · answered May 09 '17 at 11:37

In particular we cannot push routes to the client using strongSwan. Instead you can mention required subnets in rightsubnet and leftsubnet to route traffic through the Tunnel. Then connected clients will route traffic to the destinated subnets through gateway.

score 0 · Answer 2 · answered May 04 '17 at 16:17

0

put an iptables rule to mark the packets belonging to the vpn session and then an iproute2 rule to divert market packets to a different table containing the routes you want.

answered May 04 '17 at 16:17

Vins Vilaplana

21
1

Is it possible to push a route when a client connects to Strongswan server?

2 Answers2