Questions tagged [strongswan]

strongSwan is an open source, multi-platform IPsec-based VPN solution, with IKEv2 & IKEv1 support

More information can be found on strongswan.org.

435 questions
0 votes, 0 answers

Router (TP-Link MR200) with dynamic IP behind NAT failing to create IPSEC VPN to Ubuntu Strongswan

I've been trying to get this up and running and I got it further than I expected but am getting stuck at an error received INVALID_ID_INFORMATION error notify and there's a very peculiar local IP that shows in strongswan's logs, which isn't on the…
Normadize
0 votes, 2 answers

Strongswan LTE connection re-establishing issue

Thank you for your help with my previous problem regarding Strongswan and allow me to ask you for help once more. I have two networks connected to Strongswan server via two Mikrotik routers. The first router is connected to internet via cable modem and…
Petr W.
0 votes, 1 answer

How can I set the source IP in strongswan's routing table

I have a site-to-site VPN where there's one subnet on the remote side and two on the local one: conn site-to-site leftsubnet = 10.10.0.0/16,10.11.0.0/16 rightsubnet = 10.50.0.0/16 Everything works fine, but I'm having an issue where the "wrong"…
dorian
0 votes, 1 answer

StrongSwan IPsec PING only working once after ipsec restart

Diagram VPN site to site: And a GIF showing what is happening. I create an IP route like this: sudo ip route add 192.168.1.0/24 via 10.132.146.166 eth0 eth1 And I have these iptables rules sudo iptables -t nat -A POSTROUTING -o eth0 -j…
Makarov
0 votes, 1 answer

Strongswan + FreeRADIUS and Windows 10 clients without internet access

I apologise for another query regarding Strongswan. I have created Strongswan server that has on one side multiple networks and on the second side are clients that are authorised via FreeRADIUS EAP-MSCHAPv2. Clients have access rights to specific IP…
Petr W.
0 votes, 0 answers

AWS Ubuntu Strongswan IPSec VPN and Iptables configuration tunnel routing

I've muddled up my configuration. I've setup a site-to-site VPN between an AWS Ubuntu VM running strongswan, and another site. The VPN tunnel is working, but anytime I try to route traffic through the tunnel from the other site, there is no response…
Unpossible
0 votes, 0 answers

Strongswan IKEv2 REAUTH request

I have successfully created IKEv2 connection between Mikrotik routerboard with LTE module and Strongswan server. Mikrotik has non-public dynamic IP address assigned by SIM card. Strongswan: config setup charondebug="all" uniqueids=yes …
Petr W.
0 votes, 1 answer

StrongswanPKI - Adding status_request or MustStaple TLS extension to certificate?

Using PKI tool from strongswan to set up a CA. Trying to set up the OCSP side of things, I have run into many issues as per another thread I posted (Strongswan PKI - ED25519 Certificates - OCSP Responder having issues). Now I am looking at how to add…
0 votes, 1 answer

Iptables - allow remote VPN users to access services running on server

I am trying to set up a VPN server (strongswan) and allow remote users to access services like redis, nginx, mongodb etc. via VPN only - users should not have access to internet via VPN. I'm able to connect to VPN server and send ping (iptables is…
0 votes, 0 answers

Setup StrongSwan with user Cert

I will be setting up strongswan and have some trouble configuring it. I can log in with user/pass but I will replace it with a user.p12 certificate. When I add rightauth2=pubkey, login with user/pass is no longer working, auth with user.p12 is no…
0 votes, 1 answer

Strongswan: Connecting PSK & EAP at a time

I have successfully set up strongswan on a virtual Server. I basically have two kinds of configurations: Using EAP (username/password for Android Strongswan Client); PSK (for IOS devices using built in VPN client). I am able to connect more than…
Ajji
0 votes, 1 answer

Strongswan to Cisco ASA with multiple right subnet

I've got an ikev2 tunnel up, initiated on the left from an ubuntu box with strongswan going to a cisco asa. Using ASA to ASA multiple networks work but I can not get it with strongswan. #config setup # strictcrlpolicy=yes # uniqueids =…
parsecpython
0 votes, 1 answer

Is it possible to set up a VPN server on Linux to authenticate against PAM or passwd with Android and Windows clients?

I have a Linux server and a need to connect to its network remotely from Windows 10 and Android clients. Is it possible to set the server up so that clients can authenticate against the user accounts on the Linux machine with usernames and…
Steve
0 votes, 1 answer

IPSEC configuration - Error writing to socket: operation not permitted

Hello I am trying to set up IPSEC for the first time and am running into an issue. I think on the first phase something is wrong but I can't seem to really figure out why I have these in the log: Feb 2 12:47:59 15[NET] sending packet:…
0 votes, 1 answer

VPN with different rules for different users

I am configuring a VPN with different kinds of rules. However, I need different sets of rules for different users, i.e. User A will have XX.XXX.XX.XXX IP blocked; User B will have YY.YYY.YY.YYY IP blocked. And after some actions, I will have to…
Tony