
I set up StrongSwan and IKEv2 for remote access on CentOS 7, and it is working great, but on some internet connections (not all; most ADSL modems or 4G modems) it connects but there is no internet access on the VPN connection.

I am using eap-mschapv2, and I also used forwarding rules for iptables.

I put the SIM card of the 4G modem in my phone and I could connect using my mobile phone, but it seems there is a problem with some such modems. I had the same problem with other ADSL modems.

config setup
    uniqueids = never
conn %default
    compress = yes
    left = %any
    leftsubnet = 0.0.0.0/0
    leftfirewall = yes
    right = %any
    rightsourceip = 10.1.0.0/16
    rightid = %any
    leftdns = 8.8.8.8,8.8.4.4
    rightdns = 8.8.8.8,8.8.4.4
conn IKEv2-EAP
    esp = aes256-sha256,aes256-sha1,3des-sha1!
    ike = aes256-sha256-modp2048,aes256-sha1-modp2048,aes128-sha1-modp2048,3des-sha1-modp2048,aes256-sha256-modp1024,aes256-sha1-modp1024,aes128-sha1-modp1024,3des-sha1-modp1024!
    leftauth = pubkey
    leftca = "C=US, O=StrongSwan VPN, CN=StrongSwan VPN CA"
    leftcert = server.cert.pem
    leftsigkey = server.pub.pem
    leftid = myserver.com
    rightauth = eap-mschapv2
    rightsendcert = never
    eap_identity = %any
    fragmentation = yes
    rekey = no
    auto = add

I would appreciate any help.

Farhad Sakhaei
  • In any strange case, run tcpdump and check the traffic. Maybe the issue is related to MTU. – Anton Danilov Aug 10 '19 at 11:48
  • @AntonDanilov How do I check that? I have 5 internet connections now. There is a problem with one of them (4G modem). I put the SIM card of the 4G modem in my phone and I could connect using my mobile phone, but it seems there is a problem with some such modems. I had the same problem with other ADSL modems. – Farhad Sakhaei Aug 10 '19 at 11:51
  • @AntonDanilov How should I set the MTU? Thank you – Farhad Sakhaei Aug 10 '19 at 11:56

0 Answers
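
Following up on the MTU suggestion in the comments, here is an added example (not from the original post or from the strongSwan project) that computes, for the three ESP proposals in the posted config, the largest inner packet that fits a given path MTU and the matching TCP MSS for the 10.1.0.0/16 pool. The function names and sample path MTUs are assumptions made for illustration; it assumes IPv4, tunnel mode and ESP-in-UDP (NAT traversal), and does not model IPComp (`compress = yes`).

```shell
#!/bin/sh
# Added example, not from the original post. Assumes IPv4, tunnel mode and
# ESP-in-UDP (NAT traversal); IPComp (compress = yes) is not modeled.

# Print "block IV ICV" sizes in bytes for an ESP proposal from the posted config.
esp_params() {
    case "$1" in
        aes256-sha256) echo "16 16 16" ;;   # AES-CBC + HMAC-SHA-256-128
        aes256-sha1)   echo "16 16 12" ;;   # AES-CBC + HMAC-SHA-1-96
        3des-sha1)     echo "8 8 12" ;;     # 3DES-CBC + HMAC-SHA-1-96
        *) echo "unknown proposal: $1" >&2; return 1 ;;
    esac
}

# inner_mtu PATH_MTU PROPOSAL: largest inner packet that fits unfragmented.
inner_mtu() (
    params=$(esp_params "$2") || exit 1
    set -- "$1" $params                 # $1=path MTU $2=block $3=IV $4=ICV
    # Outer IPv4 header 20 + UDP encapsulation 8 + ESP SPI/sequence 8.
    room=$(( $1 - 20 - 8 - 8 - $3 - $4 ))
    room=$(( room - room % $2 ))        # ciphertext is whole cipher blocks
    echo $(( room - 2 ))                # pad-length and next-header bytes
)

# tcp_mss PATH_MTU PROPOSAL: MSS for the inner TCP segment (IPv4 20 + TCP 20).
tcp_mss() (
    mtu=$(inner_mtu "$1" "$2") || exit 1
    echo $(( mtu - 40 ))
)

# clamp_rules MSS: iptables rules for the 10.1.0.0/16 pool (rightsourceip).
clamp_rules() {
    for dir in -s -d; do
        echo "iptables -t mangle -A FORWARD $dir 10.1.0.0/16 -p tcp" \
             "--tcp-flags SYN,RST SYN -j TCPMSS --set-mss $1"
    done
}

# Constructed sample path MTUs: Ethernet, PPPoE, and a lower mobile-style value.
for pmtu in 1500 1492 1400; do
    for prop in aes256-sha256 aes256-sha1 3des-sha1; do
        echo "path=$pmtu esp=$prop inner_mtu=$(inner_mtu "$pmtu" "$prop")" \
             "mss=$(tcp_mss "$pmtu" "$prop")"
    done
done
clamp_rules "$(tcp_mss 1400 aes256-sha256)"
```

The path MTU passed in has to be measured on the affected link; the script prints the clamping rules without applying them.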