Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [ikev2]

93 questions
1
vote
1 answer

StrongSwan ikev2 routing through VPN in Windows 10

I'm trying to create an ikev2 VPN using StrongSwan on an ubuntu server. Now, in Windows 10 clients, use default gateway on remote network option is off by default; so when I connect to the server, traffic bypasses VPN completely unless I enable that…
Mahdi Ghiasi
  • 361
  • 2
  • 4
  • 15
1
vote
2 answers

IKEV2 VPN doesn't hides real IP from Windows client

I have just set up VPN server using IKEv2 at home. Everything works fine, but the problem that when I am connected to the VPN from Windows 10 client I have external IP of the network where I connected from to VPN. For instance My home server has…
frvzuaex
  • 55
  • 1
  • 6
1
vote
0 answers

Strongswan site to site tunnel

I configured strongswan on ServerA and ServerB and tunnel them successfully by this tutorial: http://linoxide.com/how-tos/ipsec-vpn-gateway-gateway-using-strongswan/ but i want to run this senario: Client[IKEV2 VPN Connection] -----------> Server A…
user3699217
  • 31
  • 2
1
vote
0 answers

How to fix failing connection to VPN(ipsec+ikev2)?

Auth made with certificates ubuntu 16.04 + strongswan. Client connecting from win7, certificate was added like said in strongswan Wiki. Config made also like in strongswan wiki, but i got error: 'plutostart deprecated, so i removed it. So my…
littleguga
  • 166
  • 1
  • 7
1
vote
0 answers

RRAS IKEv2 Behind Router

I have an installation of Server 2012 R2 running that I need to deploy an IKEv2 VPN on. It's my way of accessing files at my office. The current setup involves a NAT Router (Just a standard ISP-distributed router) that sits in front of said server.…
Fuselight
  • 111
  • 3
1
vote
1 answer

Is it possible to use certificate from public CA for IKEv2 without importing intermediate cert?

I have configured ikev2 vpn on a strongswan server and a Windows 10 client, and it works fine. The authorization method is leftauth=pubkey and rightauth=eap-mschapv2. Because the leftcert to authorize a server is self-signed, I have to import CA…
limilaw
  • 146
  • 1
  • 8
1
vote
2 answers

Accounting IPSec connections with RSA authentication

Apple iOS has "VPN On Demand" function. With this function the VPN connection is made whenever the device tries to connect to certain domains or to the internet at all. iOS supports "VPN On Demand" only with certificated-based authentication. To…
John Green
  • 105
  • 1
  • 2
  • 9
1
vote
1 answer

My Win 11 Pro VPN client for IKEv2 is perpetually broken

I am tearing my hair out over this sudden refusal of Windows 11 Pro on my PC to use the appropriately configured crypto in IKEv2 negotiation. It worked fine for a long time, until it didn't. This issue persists over new installs. Meaning I have…
TheOrionArm
  • 11
  • 4
1
vote
0 answers

issue with connecting to IKEV2 VPN server from android devices

We are facing a problem with connecting android devices to our VPN server. iOS devices do not have any problems connecting. Android devices trying to connect via StrongSwan official app from Google Play. And iOS from system settings. VPN server…
Maksim Zakharenka
  • 11
  • 1
1
vote
1 answer

Site-to-Site VPN and Remote Access VPN with Strongswan

I've recently deployed a Strongswan IKEv2 Remote Access VPN in two different sited with two different ubuntu servers. It all works great, but now i want to "merge" the two sites with a site-to-site vpn, so that i can leave only one Remote Access VPN…
P1r4nh4
  • 11
  • 2
1
vote
0 answers

libreswan with Ikev2 client and plain text password

I need to set up a connection to VPN server with Libreswan. I can't use strongswan, since they are not working well together when installed on the same OC. My system is Linux Debian 10 (Buster) Kernel version: 4.19.0-17 I already have a working…
Roustam Dzhafarov
  • 11
  • 2
1
vote
0 answers

How to disable all default cryptographic algorithms but the explicitly defined ones in OpenIKED?

I am having issues with setting up highly secure but still high performance IKEv2 tunnels between multiple data centers on OpenBSD nodes, by using very strict security features and allowing the use of a very narrow window of cryptographic…
Tony
  • 11
  • 2
1
vote
1 answer

Strongswan Error: no config named 'foo'

On Ubuntu 20.04, I am trying to establish a VPN tunnel to a IKEv2/Ipsec VPN site using Strongswan. However, even though I have the file /etc/ipsec.conf as shown # ipsec.conf - strongSwan IPsec configuration file # basic configuration config setup …
Nyxynyx
  • 1,459
  • 11
  • 39
  • 49
1
vote
1 answer

migrating ipsec.conf to swanctl.conf, cant seem to get it to work

this is my ipsec.conf that works as it should: conn pelle left=%defaultroute leftsourceip=%config leftauth=eap-mschapv2 eap_identity=min user right=vpn.mydomain.com rightsubnet=0.0.0.0/0 rightauth=pubkey rightid=%vpn.mindomän …
per källström
  • 63
  • 2
  • 6
1
vote
2 answers

Specifying machine certificate issuer with Windows VPN

I am trying to create a Windows Always On VPN connection between an AD and AAD joined Windows 10 client and a StrongSwan VPN server. The Windows client has multiple "Client Authentication" certificates in its machine store, one from our internal AD…
Cameron
  • 277
  • 2
  • 4
  • 10
1 2
3
4 5 6 7